OTL.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 6/10/2017 2:10:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\myriam\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18665)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

5.98 Gb Total Physical Memory | 4.01 Gb Available Physical Memory | 67.01% Memory free
11.96 Gb Paging File | 9.01 Gb Available in Paging File | 75.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1849.21 Gb Total Space | 762.01 Gb Free Space | 41.21% Space Free | Partition Type: NTFS
Drive D: | 13.71 Gb Total Space | 0.65 Gb Free Space | 4.72% Space Free | Partition Type: NTFS

Computer Name: MYRIAM-HP | User Name: myriam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/06/10 14:07:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\myriam\Desktop\OTL.exe
PRC - [2017/04/29 19:36:32 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
PRC - [2017/04/25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016/11/25 15:41:39 | 000,223,704 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
PRC - [2016/06/28 02:54:28 | 000,241,544 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
PRC - [2015/03/05 10:46:07 | 000,131,144 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
PRC - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2014/10/08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2014/04/02 01:39:40 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\myriam\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2010/10/05 16:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 16:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/09/28 17:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2017/04/16 10:37:33 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2016/08/22 18:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2013/06/11 11:32:22 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2011/06/24 02:23:14 | 000,302,592 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2010/08/06 04:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:[b]64bit:[/b] - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2017/05/20 13:10:41 | 000,271,864 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017/04/25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017/03/26 20:33:36 | 000,105,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2016/06/28 02:54:28 | 000,241,544 | ---- | M] (AO Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe -- (AVP17.0.0)
SRV - [2016/06/28 02:53:14 | 000,077,328 | ---- | M] (AO Kaspersky Lab) [On_Demand | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe -- (klvssbrigde64)
SRV - [2015/05/19 17:22:06 | 000,099,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2015/03/05 10:46:07 | 000,131,144 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe -- (NCO)
SRV - [2014/10/08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2014/10/08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2010/10/05 16:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 16:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/09/28 17:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/06/19 03:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:[b]64bit:[/b] - [2017/04/11 12:40:19 | 001,035,480 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2017/04/11 12:40:19 | 000,195,296 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:[b]64bit:[/b] - [2017/04/11 12:40:08 | 000,314,864 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klhk.sys -- (klhk)
DRV:[b]64bit:[/b] - [2017/03/14 18:03:25 | 000,199,392 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2017/03/14 18:03:25 | 000,135,904 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwtp.sys -- (Klwtp)
DRV:[b]64bit:[/b] - [2016/12/07 14:22:31 | 000,057,936 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2016/09/05 05:47:12 | 000,165,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2016/09/05 05:47:06 | 000,131,712 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2016/06/15 01:19:48 | 000,086,352 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klbackupflt.sys -- (klbackupflt)
DRV:[b]64bit:[/b] - [2016/06/10 07:41:26 | 000,238,936 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km.sys -- (cm_km)
DRV:[b]64bit:[/b] - [2016/06/08 00:33:14 | 000,063,920 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbackupdisk.sys -- (klbackupdisk)
DRV:[b]64bit:[/b] - [2016/06/02 04:43:38 | 000,554,416 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2016/06/01 00:31:20 | 000,045,488 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:[b]64bit:[/b] - [2016/06/01 00:24:06 | 000,078,216 | ---- | M] (AO Kaspersky Lab) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:[b]64bit:[/b] - [2016/05/19 01:53:04 | 000,052,144 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2016/05/18 00:15:46 | 000,075,696 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:[b]64bit:[/b] - [2015/11/05 16:23:52 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2015/08/08 13:54:52 | 000,013,344 | ---- | M] (Rsupport Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrvd5.sys -- (vrvd5)
DRV:[b]64bit:[/b] - [2015/06/07 02:50:04 | 000,041,648 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2015/02/02 14:45:28 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys -- (WsAudioDevice_383S(1)
DRV:[b]64bit:[/b] - [2014/12/31 11:44:22 | 002,486,416 | ---- | M] (MediaTek Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:[b]64bit:[/b] - [2014/10/08 18:18:54 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2014/10/08 18:18:54 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2014/10/08 18:18:54 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2014/10/08 18:18:50 | 000,766,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2013/09/27 21:23:26 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DE070B0.02A\ccsetx64.sys -- (ccSet_NST)
DRV:[b]64bit:[/b] - [2013/09/16 16:12:57 | 000,023,824 | ---- | M] (Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\diginet.sys -- (DigiNet)
DRV:[b]64bit:[/b] - [2013/06/11 11:32:26 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2013/06/11 11:32:22 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2013/06/11 11:32:22 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2013/02/12 06:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:[b]64bit:[/b] - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/12/26 00:04:11 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011/06/09 18:35:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:[b]64bit:[/b] - [2010/11/20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:[b]64bit:[/b] - [2010/11/20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:[b]64bit:[/b] - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:[b]64bit:[/b] - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:[b]64bit:[/b] - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:[b]64bit:[/b] - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/09/13 15:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/09/03 08:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002/08/30 14:00:00 | 000,002,864 | --S- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\winsock.dll -- (Winsock)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=410&v=n16285-896&apn_uid=0842640542124201&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.com/rover/1/709-111075-12437-0/4?satitle={searchTerms}&mfe=Desktops
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=410&v=n16285-896&apn_uid=0842640542124201&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
IE - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.com/rover/1/709-111075-12437-0/4?satitle={searchTerms}&mfe=Desktops
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0B AC 5F A1 06 98 D1 01 [binary data]
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\SearchScopes\{196F1E03-13AA-44D1-BB7A-81D02FD95E44}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_frFR539
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=410&v=n16285-896&apn_uid=0842640542124201&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\myriam\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Users\myriam\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\myriam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@squareclock.com/SQ3DPlayer_Production_Castorama_Internet: C:\Users\myriam\AppData\Local\SquareClock.Production_Castorama_Internet\NPSQ3D.dll (SquareClock SAS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com: C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 17.0.0\FFEXT\LIGHT_PLUGIN_FIREFOX\ADDON.XPI [2016/12/07 14:21:29 | 000,104,713 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\ [2017/06/10 12:22:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016/12/07 14:21:29 | 000,104,713 | ---- | M] ()

[2013/02/03 20:53:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\myriam\AppData\Roaming\mozilla\Firefox\extensions
[2013/02/03 20:53:44 | 000,000,000 | ---D | M] (uTorrentBar_FR) -- C:\Users\myriam\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2013/09/10 15:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\myriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaafeopjhkcolncjbedbhofpocmdbn\5.5_0\
CHR - Extension: No name found = C:\Users\myriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Users\myriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\myriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.7.12.30_0\
CHR - Extension: No name found = C:\Users\myriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.3_0\
CHR - Extension: No name found = C:\Users\myriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Kaspersky Protection) - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\CoIEPlg.dll (Symantec Corporation)
O2:[b]64bit:[/b] - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Kaspersky Protection) - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\CoIEPlg.dll (Symantec Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\Toolbar\WebBrowser: (Kaspersky Protection Toolbar) - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3 - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\Toolbar\WebBrowser: (Kaspersky Protection Toolbar) - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3:[b]64bit:[/b] - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [fst_fr_50] File not found
O4 - HKLM..\Run: [Magic Desktop for HP notification] C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Easybits)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001..\Run: [Facebook Update] C:\Users\myriam\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\hp\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O9:[b]64bit:[/b] - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Console Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..Trusted Domains: localhost ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1835861604-3981722046-2580434891-1001\..Trusted Domains: webcompanion.com ([]http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E1D12AB-6525-49F5-8E3D-F37E17DF8A6D}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{879F4954-D476-4CF3-B35F-A52623DA6D98}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E23D0A6-EA23-43A4-B6A5-201E74A5B2A7}: DhcpNameServer = 212.27.40.240 212.27.40.241
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d7ac0ac5-d9ec-11e0-b8d1-e069959f2702}\Shell - "" = AutoRun
O33 - MountPoints2\{d7ac0ac5-d9ec-11e0-b8d1-e069959f2702}\Shell\AutoRun\command - "" = F:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe - (Hewlett-Packard Company)
MsConfig:64bit - StartUpFolder: C:^Users^myriam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ubisoft register.lnk - - File not found
MsConfig:64bit - StartUpReg: [b]BeatsOSDApp[/b] - hkey= - key= - C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
MsConfig:64bit - StartUpReg: [b]Easybits Recovery[/b] - hkey= - key= - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
MsConfig:64bit - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - c:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: [b]hpsysdrv[/b] - hkey= - key= - c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]PDF Complete[/b] - hkey= - key= - C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]StartCCC[/b] - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: [b]SysTrayApp[/b] - hkey= - key= - C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
ActiveX: {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] msacm.vorbis - vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2040/02/14 00:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Steinberg
[2040/02/14 00:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steinberg
[2040/02/14 00:02:07 | 000,000,000 | ---D | C] -- C:\Users\myriam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 32bit
[2040/02/14 00:02:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steinberg
[2022/02/14 00:34:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steinberg
[2022/02/14 00:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Propellerhead Software
[2022/02/14 00:34:32 | 000,000,000 | ---D | C] -- C:\Users\myriam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 64bit
[2017/06/10 14:06:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\myriam\Desktop\OTL.exe
[2017/06/09 18:08:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symphony Series Brass Solo Library
[2017/06/09 17:43:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symphony Series Brass Ensemble Library
[2017/06/07 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\myriam\Desktop\PC
[2017/06/07 16:54:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A3BC8244-482F-4FA4-A57B-D8339C8E0AA7}
[2017/06/04 16:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2017/06/04 16:17:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D3CD7CDD-9759-4CF4-BE92-BA89914360B5}
[2017/06/04 16:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2017/06/04 16:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2017/06/03 01:48:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\{16F4DC45-A5B6-4C2D-98FE-551183B20EBB}
[2017/05/27 00:32:37 | 000,000,000 | ---D | C] -- C:\Users\myriam\AppData\Local\Metropolis Ark 2
[2017/05/20 01:36:04 | 000,000,000 | ---D | C] -- C:\Users\myriam\Desktop\Native Instruments
[2017/05/16 19:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2017/05/16 19:38:02 | 000,000,000 | ---D | C] -- C:\Users\myriam\Desktop\HP
[2017/05/09 20:29:02 | 005,977,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017/05/09 20:29:01 | 002,065,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2017/05/09 20:29:00 | 005,547,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2017/05/09 20:28:59 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2017/05/09 20:28:59 | 002,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017/05/09 20:28:59 | 001,483,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2017/05/09 20:28:59 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2017/05/09 20:28:59 | 000,876,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2017/05/09 20:28:58 | 003,945,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2017/05/09 20:28:58 | 002,057,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017/05/09 20:28:57 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2017/05/09 20:28:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2017/05/09 20:28:56 | 000,806,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017/05/09 20:28:56 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017/05/09 20:28:56 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2017/05/09 20:28:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2017/05/09 20:28:56 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2017/05/09 20:28:55 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2017/05/09 20:28:55 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017/05/09 20:28:55 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2017/05/09 20:28:55 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017/05/09 20:28:55 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2017/05/09 20:28:55 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017/05/09 20:28:55 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017/05/09 20:28:55 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017/05/09 20:28:55 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017/05/09 20:28:55 | 000,706,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2017/05/09 20:28:55 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017/05/09 20:28:55 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2017/05/09 20:28:55 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2017/05/09 20:28:55 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2017/05/09 20:28:55 | 000,377,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2017/05/09 20:28:55 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2017/05/09 20:28:55 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017/05/09 20:28:55 | 000,287,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2017/05/09 20:28:55 | 000,265,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2017/05/09 20:28:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017/05/09 20:28:55 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2017/05/09 20:28:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017/05/09 20:28:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2017/05/09 20:28:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2017/05/09 20:28:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2017/05/09 20:28:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\plasrv.exe
[2017/05/09 20:28:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2017/05/09 20:28:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2017/05/09 20:28:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2017/05/09 20:28:54 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2017/05/09 20:28:54 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017/05/09 20:28:54 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017/05/09 20:28:54 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2017/05/09 20:28:54 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2017/05/09 20:28:54 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2017/05/09 20:28:54 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2017/05/09 20:28:54 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2017/05/09 20:28:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2017/05/09 20:28:54 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2017/05/09 20:28:54 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2017/05/09 20:28:54 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2017/05/09 20:28:54 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2017/05/09 20:28:54 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2017/05/09 20:28:54 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2017/05/09 20:28:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2017/05/09 20:28:54 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2017/05/09 20:28:54 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2017/05/09 20:28:54 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2017/05/09 20:28:53 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2017/05/09 20:28:53 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2017/05/09 20:28:53 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2017/05/09 20:28:53 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017/05/09 20:28:53 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2017/05/09 20:28:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2017/05/09 20:28:53 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2017/05/09 20:28:53 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2017/05/09 20:28:53 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2017/05/09 20:28:53 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2017/05/09 20:28:53 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2017/05/09 20:28:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2017/05/09 20:28:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2017/05/09 20:28:53 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2017/05/09 20:28:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017/05/09 20:28:53 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2017/05/09 20:28:53 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017/05/09 20:28:53 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2017/05/09 20:28:53 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2017/05/09 20:28:53 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2017/05/09 20:28:53 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017/05/09 20:28:53 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017/05/09 20:28:53 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2017/05/09 20:28:53 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2017/05/09 20:28:53 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017/05/09 20:28:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2017/05/09 20:28:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2017/05/09 20:28:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017/05/09 20:28:53 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2017/05/09 20:28:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2017/05/09 20:28:53 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2017/05/09 20:28:53 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2017/05/09 20:28:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2017/05/09 20:28:53 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2017/05/09 20:28:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2017/05/09 20:28:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2017/05/09 20:28:53 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017/05/09 20:28:53 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017/05/09 20:28:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2017/05/09 20:28:53 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2017/05/09 20:28:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2017/05/09 20:28:53 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2017/05/09 20:28:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2017/05/09 20:28:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2017/05/09 20:28:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2017/05/09 20:28:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2017/05/09 20:28:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2017/05/09 20:28:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2017/05/09 20:28:53 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2017/05/09 20:28:53 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2017/05/09 20:28:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2017/05/09 20:28:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2017/05/09 20:28:53 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2017/05/09 20:28:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2017/05/09 20:28:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2017/05/09 20:28:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2017/05/09 20:28:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2017/04/30 21:09:49 | 000,000,000 | ---D | C] -- C:\Users\myriam\Desktop\Logiciel Mix
[2017/04/17 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\myriam\Desktop\YAMAHA Manuel d'utilisation
[2017/04/11 21:55:01 | 003,165,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2017/04/11 21:55:01 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2017/04/11 21:55:01 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2017/04/11 21:55:01 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2017/04/11 21:55:00 | 001,574,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2017/04/11 21:55:00 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2017/04/11 21:54:59 | 000,994,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2017/04/11 21:54:59 | 000,382,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2017/04/11 21:54:58 | 000,308,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2017/04/11 21:54:57 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2017/04/11 21:54:57 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2017/04/11 21:54:55 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2017/04/11 21:54:55 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2017/04/11 21:54:55 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/04/11 21:54:55 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2017/04/11 21:54:55 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2017/04/11 21:54:55 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2017/04/11 21:54:55 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2017/04/11 21:54:55 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2017/04/11 21:54:54 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2017/04/11 21:54:54 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2017/04/11 21:54:54 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2017/04/11 21:54:54 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/04/11 21:54:54 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/04/11 21:54:54 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2017/04/11 21:54:54 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2017/04/11 21:54:54 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2017/04/11 21:54:54 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2017/04/11 21:54:54 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2017/04/11 21:54:54 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2017/04/11 21:54:54 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2017/04/11 21:54:54 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2017/04/11 21:54:54 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2017/04/11 21:54:54 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2017/04/11 21:54:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2017/04/11 21:54:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2017/04/11 21:54:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2017/04/11 21:54:54 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2017/04/11 21:54:54 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2017/04/11 21:54:54 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2017/04/11 21:54:53 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2017/04/11 21:54:53 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2017/04/11 21:54:53 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2017/04/11 21:54:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2017/04/11 21:54:53 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2017/04/11 21:54:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2017/04/11 21:54:53 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2017/04/11 21:54:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2017/04/11 21:54:53 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2017/04/11 21:54:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2017/04/11 21:54:50 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmjpegdec.dll
[2017/04/11 21:54:50 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmjpegdec.dll
[2017/04/11 21:54:49 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2017/04/11 21:54:47 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2017/04/11 21:54:47 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2017/04/11 21:54:47 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2017/04/11 21:54:47 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2017/04/11 21:54:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2017/04/11 21:54:45 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2017/04/11 21:54:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2017/04/11 21:54:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2017/04/11 21:54:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2017/04/11 21:54:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2017/04/11 21:54:40 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2017/04/11 21:54:39 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2017/04/11 21:54:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2017/04/11 21:54:38 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2017/04/11 21:54:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2017/04/11 21:54:37 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2017/04/11 21:54:37 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2017/04/11 21:54:36 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2017/04/11 21:54:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2017/04/11 21:54:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\myriam\Desktop\*.tmp files -> C:\Users\myriam\Desktop\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2017/06/10 14:07:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\myriam\Desktop\OTL.exe
[2017/06/10 13:56:44 | 000,095,814 | ---- | M] () -- C:\Users\myriam\Documents\cc_20170610_135633.reg
[2017/06/10 12:33:28 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/06/10 12:33:28 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/06/10 12:21:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/06/10 12:21:38 | 523,128,831 | -HS- | M] () -- C:\hiberfil.sys
[2017/06/08 16:50:44 | 001,671,400 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/06/08 16:50:44 | 000,750,008 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2017/06/08 16:50:44 | 000,655,310 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/06/08 16:50:44 | 000,151,062 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2017/06/08 16:50:44 | 000,122,924 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/06/07 17:10:35 | 000,514,352 | ---- | M] () -- C:\Windows\SysWow64\Brass Ensemble.nicnt
[2017/06/04 17:11:42 | 000,001,159 | ---- | M] () -- C:\Users\myriam\Desktop\Manuel utilisateur ASIO4ALL v2.lnk
[2017/06/04 16:17:27 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Kontakt 5.lnk
[2017/05/20 13:10:37 | 000,803,320 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017/05/20 13:10:37 | 000,144,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2017/05/16 21:58:03 | 000,000,810 | ---- | M] () -- C:\Users\myriam\Desktop\Installer Kaspersky Internet Security version 17.0.0.611.lnk
[2017/05/12 22:16:00 | 000,645,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017/05/10 01:16:17 | 001,649,248 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017/05/07 12:33:05 | 000,002,283 | ---- | M] () -- C:\Users\myriam\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2017/04/29 22:16:34 | 000,007,787 | ---- | M] () -- C:\Users\myriam\Documents\justificatif amende.pdf
[2017/04/28 03:14:59 | 000,631,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2017/04/28 03:14:09 | 000,706,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2017/04/28 03:14:08 | 005,547,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2017/04/28 03:11:49 | 001,732,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2017/04/28 03:10:12 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2017/04/28 03:10:12 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2017/04/28 03:10:12 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2017/04/28 03:10:11 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2017/04/28 03:10:10 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2017/04/28 03:10:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017/04/28 03:10:10 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2017/04/28 03:10:10 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2017/04/28 03:10:09 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2017/04/28 03:10:08 | 001,212,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017/04/28 03:10:08 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2017/04/28 03:10:08 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2017/04/28 03:10:07 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2017/04/28 03:10:04 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2017/04/28 03:10:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2017/04/28 03:10:03 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2017/04/28 03:10:02 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017/04/28 03:10:02 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2017/04/28 03:10:02 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2017/04/28 03:09:59 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2017/04/28 03:09:59 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2017/04/28 03:09:58 | 000,880,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2017/04/28 03:09:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2017/04/28 03:09:58 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2017/04/28 03:09:58 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017/04/28 03:09:58 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2017/04/28 03:09:58 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2017/04/28 03:09:58 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2017/04/28 03:09:58 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2017/04/28 03:09:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2017/04/28 03:09:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2017/04/28 03:09:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2017/04/28 03:09:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2017/04/28 03:09:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2017/04/28 03:09:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2017/04/28 03:09:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2017/04/28 02:36:36 | 004,000,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2017/04/28 02:36:36 | 003,945,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2017/04/28 02:32:51 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2017/04/28 02:32:45 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2017/04/28 02:32:40 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2017/04/28 02:32:39 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2017/04/28 02:32:33 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2017/04/28 02:32:32 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2017/04/28 02:32:32 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2017/04/28 02:32:32 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2017/04/28 02:32:32 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2017/04/28 02:32:32 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2017/04/28 02:32:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2017/04/28 02:32:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2017/04/28 02:32:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2017/04/28 02:32:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2017/04/28 02:32:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2017/04/28 02:32:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2017/04/28 02:19:29 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2017/04/28 02:19:26 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2017/04/28 02:18:44 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2017/04/28 02:15:46 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2017/04/28 02:14:54 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2017/04/28 02:11:35 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2017/04/28 02:10:53 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2017/04/28 02:08:07 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2017/04/28 02:08:06 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2017/04/28 02:08:06 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2017/04/28 02:08:05 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2017/04/28 02:07:13 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2017/04/28 02:07:13 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2017/04/28 02:07:13 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2017/04/28 02:07:13 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2017/04/21 17:34:00 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2017/04/21 17:15:28 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2017/04/17 17:37:29 | 002,065,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2017/04/17 17:37:29 | 000,876,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2017/04/17 17:37:29 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2017/04/17 17:37:20 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2017/04/17 17:12:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2017/04/17 16:54:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2017/04/16 11:16:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2017/04/16 10:57:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017/04/16 10:55:41 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2017/04/16 10:55:24 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2017/04/16 10:54:52 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2017/04/16 10:54:39 | 000,576,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017/04/16 10:43:35 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017/04/16 10:38:35 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2017/04/16 10:37:33 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2017/04/16 10:37:32 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2017/04/16 10:36:53 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017/04/16 10:36:43 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017/04/16 10:25:51 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017/04/16 10:21:36 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2017/04/16 10:18:59 | 005,977,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017/04/16 10:11:22 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017/04/16 10:10:56 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2017/04/16 10:09:42 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2017/04/16 10:04:37 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2017/04/16 10:03:35 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017/04/16 10:02:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017/04/16 10:01:40 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2017/04/16 10:01:20 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2017/04/16 10:00:21 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017/04/16 10:00:02 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2017/04/16 09:57:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2017/04/16 09:52:04 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017/04/16 09:48:29 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2017/04/16 09:47:30 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2017/04/16 09:47:03 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017/04/16 09:46:56 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017/04/16 09:40:16 | 000,725,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017/04/16 09:40:04 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017/04/16 09:37:51 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2017/04/16 09:37:40 | 002,132,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017/04/16 09:30:01 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017/04/16 09:29:28 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2017/04/16 09:28:48 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2017/04/16 09:25:16 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2017/04/16 09:24:17 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017/04/16 09:20:18 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2017/04/16 09:08:57 | 002,057,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017/04/16 09:08:30 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2017/04/16 08:40:34 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017/04/16 08:34:33 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017/04/12 17:32:24 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2017/04/12 17:32:10 | 001,483,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2017/04/12 17:32:10 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\myriam\Desktop\*.tmp files -> C:\Users\myriam\Desktop\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/06/10 13:56:36 | 000,095,814 | ---- | C] () -- C:\Users\myriam\Documents\cc_20170610_135633.reg
[2017/06/07 17:10:34 | 000,514,352 | ---- | C] () -- C:\Windows\SysWow64\Brass Ensemble.nicnt
[2017/06/04 17:11:27 | 000,001,159 | ---- | C] () -- C:\Users\myriam\Desktop\Manuel utilisateur ASIO4ALL v2.lnk
[2017/06/04 16:17:27 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Kontakt 5.lnk
[2017/05/16 21:58:03 | 000,000,810 | ---- | C] () -- C:\Users\myriam\Desktop\Installer Kaspersky Internet Security version 17.0.0.611.lnk
[2017/04/29 22:16:19 | 000,007,787 | ---- | C] () -- C:\Users\myriam\Documents\justificatif amende.pdf
[2017/04/12 12:01:19 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2017/01/21 00:01:23 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2017/01/21 00:01:11 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2017/01/21 00:01:11 | 000,000,049 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2016/01/26 19:45:59 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2015/09/20 14:35:33 | 000,002,896 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/06/23 23:45:39 | 000,000,724 | ---- | C] () -- C:\Windows\wacam.ini
[2013/03/13 01:30:26 | 000,005,120 | ---- | C] () -- C:\Users\myriam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/02 17:17:49 | 000,000,290 | RHS- | C] () -- C:\Users\myriam\ntuser.pol

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/08/29 17:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/08/29 17:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2015/10/07 22:00:20 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\7417
[2015/06/23 23:45:45 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\ACAMPREF
[2016/07/08 01:43:10 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Apowersoft
[2016/11/26 02:08:51 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Audacity
[2016/10/15 21:24:29 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Avid
[2013/05/30 12:19:15 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\DAEMON Tools Lite
[2011/12/31 21:42:37 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Desperate Housewives
[2015/10/08 22:17:49 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Dropbox
[2012/01/31 23:22:25 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\FreeAudioPack
[2014/11/23 02:21:48 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\FreeVideoConverter
[2017/02/05 16:54:21 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Garmin
[2017/01/21 01:48:52 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Image-Line
[2016/08/01 23:07:26 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\MAGIX
[2017/06/05 22:47:51 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\MuseScore
[2016/07/25 00:50:09 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Musink
[2014/11/30 16:51:57 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\PhotoFiltre
[2011/08/29 12:54:59 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\PictureMover
[2013/05/16 15:57:16 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\player
[2012/03/20 01:34:59 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Publish Providers
[2015/10/08 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\RPEng
[2017/05/17 00:08:29 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\SoftGrid Client
[2012/03/20 15:00:29 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Sony
[2022/02/14 00:34:32 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Steinberg
[2017/01/20 23:58:34 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Steinberg Installation Updater
[2011/12/16 14:17:54 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\TP
[2015/10/08 22:05:38 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\TuneUp Software
[2017/06/09 22:02:47 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\uTorrent
[2012/09/28 22:43:48 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1
[2016/02/20 17:00:24 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Visan
[2013/03/02 17:28:19 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\VisicomToolBar
[2012/01/25 01:12:11 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\WildTangent
[2011/09/23 16:01:23 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\WinBatch
[2013/10/17 17:18:52 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Windows Live Writer
[2016/07/08 01:54:50 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Wondershare
[2015/09/20 14:35:41 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\YoutubeToMp3Converter

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2015/10/07 22:00:20 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\7417
[2015/06/23 23:45:45 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\ACAMPREF
[2012/09/28 22:29:07 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Adobe
[2016/07/08 01:43:10 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Apowersoft
[2014/05/15 15:02:51 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Apple Computer
[2011/08/29 12:54:59 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\ATI
[2016/11/26 02:08:51 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Audacity
[2016/10/15 21:24:29 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Avid
[2011/12/22 23:34:01 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\AVS4YOU
[2011/12/25 21:38:21 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\CyberLink
[2013/05/30 12:19:15 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\DAEMON Tools Lite
[2011/12/31 21:42:37 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Desperate Housewives
[2015/10/08 22:17:49 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Dropbox
[2012/01/31 23:22:25 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\FreeAudioPack
[2014/11/23 02:21:48 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\FreeVideoConverter
[2017/02/05 16:54:21 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Garmin
[2012/07/29 13:24:47 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Google
[2011/09/23 15:54:33 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Hewlett-Packard
[2016/02/20 23:32:09 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\HP Photo Creations
[2014/01/14 16:11:04 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\HP Support Assistant
[2012/11/21 21:19:12 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\hpqLog
[2016/01/26 19:47:23 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\HpUpdate
[2011/08/29 12:53:38 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Identities
[2017/01/21 01:48:52 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Image-Line
[2012/03/06 22:52:12 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Intelli-studio
[2011/08/29 16:24:01 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Macromedia
[2016/08/01 23:07:26 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\MAGIX
[2013/05/30 02:03:01 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Malwarebytes
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Media Center Programs
[2015/10/18 15:57:03 | 000,000,000 | --SD | M] -- C:\Users\myriam\AppData\Roaming\Microsoft
[2013/02/03 20:53:44 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Mozilla
[2017/06/05 22:47:51 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\MuseScore
[2016/07/25 00:50:09 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Musink
[2014/11/30 16:51:57 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\PhotoFiltre
[2011/08/29 12:54:59 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\PictureMover
[2013/05/16 15:57:16 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\player
[2012/03/20 01:34:59 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Publish Providers
[2015/10/08 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\RPEng
[2012/01/08 19:11:29 | 000,000,000 | RH-D | M] -- C:\Users\myriam\AppData\Roaming\SecuROM
[2016/07/08 02:02:00 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Skype
[2017/05/17 00:08:29 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\SoftGrid Client
[2012/03/20 15:00:29 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Sony
[2022/02/14 00:34:32 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Steinberg
[2017/01/20 23:58:34 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Steinberg Installation Updater
[2011/12/16 14:17:54 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\TP
[2015/10/08 22:05:38 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\TuneUp Software
[2017/06/09 22:02:47 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\uTorrent
[2012/09/28 22:43:48 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1
[2016/02/20 17:00:24 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Visan
[2013/03/02 17:28:19 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\VisicomToolBar
[2012/01/25 01:12:11 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\WildTangent
[2011/09/23 16:01:23 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\WinBatch
[2013/10/17 17:18:52 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Windows Live Writer
[2014/04/09 22:35:27 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\WinRAR
[2016/07/08 01:54:50 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Wondershare
[2012/11/05 21:50:28 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\Yahoo!
[2015/09/20 14:35:41 | 000,000,000 | ---D | M] -- C:\Users\myriam\AppData\Roaming\YoutubeToMp3Converter

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/01/20 12:11:00 | 000,186,368 | ---- | M] () -- C:\Users\myriam\AppData\Roaming\HP Photo Creations\Communicator.exe
[2011/01/20 12:11:00 | 000,149,504 | ---- | M] (Visan / RocketLife) -- C:\Users\myriam\AppData\Roaming\HP Photo Creations\PhotoProduct.exe
[2011/01/20 12:11:00 | 000,313,344 | ---- | M] (Visan / RocketLife) -- C:\Users\myriam\AppData\Roaming\HP Photo Creations\PhotoProductCore.exe
[2011/01/20 12:11:00 | 000,098,168 | ---- | M] () -- C:\Users\myriam\AppData\Roaming\HP Photo Creations\PhotoProductReg.exe
[2011/01/20 12:11:00 | 000,146,080 | ---- | M] () -- C:\Users\myriam\AppData\Roaming\HP Photo Creations\remove.exe
[2012/09/28 22:28:57 | 000,053,664 | ---- | M] (Adobe Systems Inc.) -- C:\Users\myriam\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/09/28 22:28:55 | 015,428,440 | ---- | M] (Adobe Systems Inc.) -- C:\Users\myriam\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller3x0\airinstaller3x0.exe
[2015/10/08 22:06:15 | 002,407,664 | ---- | M] (Web Bar Media ) -- C:\Users\myriam\AppData\Roaming\RPEng\0D8BB44BC2BC4EDA84EA0695B0D1EE25\Web_Bar_Setup_2.0.5718.19210_3e16a056d.exe
[2015/09/20 14:35:01 | 000,313,392 | ---- | M] (Lavasoft) -- C:\Users\myriam\AppData\Roaming\RPEng\2ADA7A61B7EA4718AE12220001EE76CB\WcInstaller.exe
[2015/10/08 22:05:04 | 028,633,912 | ---- | M] (TuneUp Software) -- C:\Users\myriam\AppData\Roaming\RPEng\739A727369D0471CB1653B7D994698F6\TUU2014-FR-1day-AID1006172.exe
[2015/09/20 14:34:20 | 000,198,248 | ---- | M] (OpenCandy) -- C:\Users\myriam\AppData\Roaming\RPEng\B719C63C7B99477588F6B8C59D4289B7\dh35.exe
[2015/09/20 14:35:48 | 002,097,152 | ---- | M] (Lenovo Group Limited ) -- C:\Users\myriam\AppData\Roaming\RPEng\B719C63C7B99477588F6B8C59D4289B7\LenovoSHAREit812.exe
[2015/10/08 22:04:17 | 000,299,056 | ---- | M] () -- C:\Users\myriam\AppData\Roaming\RPEng\B8903B32FC3E49309A513BA0A02B8D98\setup.exe
[2013/02/04 00:11:33 | 000,108,192 | ---- | M] (Conduit Ltd.) -- C:\Users\myriam\AppData\Roaming\uTorrent\ism.exe
[2014/08/13 00:22:32 | 001,329,744 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\uTorrent.exe
[3 C:\Users\myriam\AppData\Roaming\uTorrent\*.tmp files -> C:\Users\myriam\AppData\Roaming\uTorrent\*.tmp -> ]
[2013/11/01 22:05:25 | 000,902,736 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\updates\3.3.2_30180.exe
[2013/11/16 01:04:07 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\updates\3.3.2_30303.exe
[2014/04/12 14:40:16 | 001,268,816 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\updates\3.4.1_30740.exe
[2014/04/30 16:19:53 | 001,266,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014/06/08 01:19:50 | 001,268,560 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014/08/12 00:28:11 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
[2014/08/13 00:20:29 | 001,329,744 | ---- | M] (BitTorrent Inc.) -- C:\Users\myriam\AppData\Roaming\uTorrent\updates\3.4.2_32239.exe
[2012/10/18 10:51:52 | 001,259,320 | ---- | M] (Iplay) -- C:\Users\myriam\AppData\Roaming\VisicomToolBar\gamesagogo_en_w3i_toolbar_3.2.0.36.exe
[2015/02/02 14:04:54 | 001,005,936 | ---- | M] (Wondershare ) -- C:\Users\myriam\AppData\Roaming\Wondershare\Wondershare Helper Compact\Wondershare Helper Compact.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ALG.EXE >[/color]
[2009/07/14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=3290D6946B5E30E70414990574883DDB -- C:\Windows\SysNative\alg.exe
[2009/07/14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=3290D6946B5E30E70414990574883DDB -- C:\Windows\winsxs\amd64_microsoft-windows-alg_31bf3856ad364e35_6.1.7600.16385_none_04de43c774cf8fe3\alg.exe

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

[color=#A23BEC]< MD5 for: CSRSS.EXE >[/color]
[2009/07/14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

[color=#A23BEC]< MD5 for: CTFMON.EXE >[/color]
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2016/01/21 02:51:03 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=491B1D5EB547088AF022BA93D97D0FEA -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7601.23336_none_58625198a3f853c2\disk.sys
[2016/01/21 02:51:45 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=616387BBD83372220B09DE95F4E67BBC -- C:\Windows\SysNative\drivers\disk.sys
[2016/01/21 02:51:45 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=616387BBD83372220B09DE95F4E67BBC -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_4d9acdeddbcdfd89\disk.sys
[2016/01/21 02:51:45 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=616387BBD83372220B09DE95F4E67BBC -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7601.19133_none_57d5b2098add6acc\disk.sys
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/06/06 23:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/07/12 23:19:31 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/07/12 23:20:14 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2016/08/29 17:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\explorer.exe
[2016/08/29 17:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_b0517adca98752cc\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/07/12 23:19:31 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2016/08/29 16:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\SysWOW64\explorer.exe
[2016/08/29 16:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_baa6252edde814c7\explorer.exe
[2011/07/12 23:18:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011/07/12 23:20:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2011/07/12 23:18:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011/07/12 23:20:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2011/07/12 23:18:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/07/12 23:20:14 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/07/12 23:19:31 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011/07/12 23:18:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2011/07/12 23:19:31 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[2010/09/13 15:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\swsetup\DRV\Storage\Intel\RST\10.0\x64\iaStor.sys
[2010/09/13 15:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/09/13 15:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_2b0c50dc63f09dae\iaStor.sys
[2010/09/13 15:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_5b314ccea0aa569d\iaStor.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/07/12 23:24:00 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2011/07/12 23:24:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys

[color=#A23BEC]< MD5 for: INTELIDE.SYS >[/color]
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysNative\drivers\intelide.sys
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\intelide.sys
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\intelide.sys
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\intelide.sys
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\intelide.sys
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\intelide.sys
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\intelide.sys
[2009/07/14 03:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\intelide.sys

[color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color]
[2010/11/20 15:33:43 | 000,094,592 | ---- | M] (Microsoft Corporation) MD5=32E7A3D591D671A6DF2DB515A5CBE0FA -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.17514_none_50be2a351da54dd5\mountmgr.sys
[2015/07/15 20:15:11 | 000,094,656 | ---- | M] (Microsoft Corporation) MD5=67050452C0118BAF2883928E6FCCFE47 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.18933_none_50a77ae31db67a9d\mountmgr.sys
[2009/07/14 03:48:27 | 000,094,784 | ---- | M] (Microsoft Corporation) MD5=791AF66C4D0E7C90A3646066386FB571 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7600.16385_none_4e8d166d20b6ca3b\mountmgr.sys
[2015/02/03 05:55:38 | 000,095,160 | ---- | M] (Microsoft Corporation) MD5=8317536D445B05D0F8E7C6E26FF12E56 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.22948_none_512b474e36d7b7e4\mountmgr.sys
[2015/02/03 05:34:36 | 000,094,656 | ---- | M] (Microsoft Corporation) MD5=87BCD1034CBF33537D4D4C251D39BA26 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.18741_none_509aa6971dc06992\mountmgr.sys
[2016/06/14 19:21:28 | 000,094,440 | ---- | M] (Microsoft Corporation) MD5=8ADB5445B29941CB41AF2846FD5C93C7 -- C:\Windows\SysNative\drivers\mountmgr.sys
[2016/06/14 19:21:28 | 000,094,440 | ---- | M] (Microsoft Corporation) MD5=8ADB5445B29941CB41AF2846FD5C93C7 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.23471_none_5103b53e36f68234\mountmgr.sys
[2015/07/15 20:13:21 | 000,094,656 | ---- | M] (Microsoft Corporation) MD5=D698D48D3B0AD99008E04108599E4136 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.23136_none_5133f0ae36d199ae\mountmgr.sys

[color=#A23BEC]< MD5 for: MRXSMB.SYS >[/color]
[2015/10/17 18:46:17 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=01ED30775B746ABCCADD1C596EE4F97B -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19044_none_dd96cbd267d58eb6\mrxsmb.sys
[2016/04/09 07:44:39 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=035C0A9A63DF3F3A52B90D8F6BF0F166 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23418_none_de44df3b80d7377e\mrxsmb.sys
[2011/05/04 04:51:08 | 000,157,696 | ---- | M] (Microsoft Corporation) MD5=040D62A9D8AD28922632137ACDD984F2 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16808_none_dbdfe8986a8ad40a\mrxsmb.sys
[2017/04/28 02:12:14 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=054F780A442DB96F9FE10501B35E75CA -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2017/04/28 02:12:14 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=054F780A442DB96F9FE10501B35E75CA -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23796_none_ddec64f98119dbcd\mrxsmb.sys
[2016/02/11 19:34:45 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=07F8F6B0CAEC7ADD30EBD94940A315D7 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19160_none_dd7d2cb867e95e63\mrxsmb.sys
[2016/02/10 19:40:35 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=0950A57E920F5C8C56A4BCD25A1C9388 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23349_none_de256ddb80eea781\mrxsmb.sys
[2016/05/12 16:58:45 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=10112D850C844606419C79EE24EE6016 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23452_none_de139dcf80fd0f38\mrxsmb.sys
[2015/07/01 21:27:34 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=1877EB1495CFBDAB27D6A32F6DDF3818 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18912_none_ddb562e067bed4f3\mrxsmb.sys
[2015/10/01 18:47:40 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=1C2BCE8BD456F8895ED06DB281006B66 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23226_none_de380aef80e12673\mrxsmb.sys
[2015/07/22 22:35:22 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=1CCBC57FE25BE27D177FF1BC4F960B6A -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23142_none_de1e680980f4fbd2\mrxsmb.sys
[2016/01/17 01:18:12 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=1F626B021798F29E96A29DB20914BF5E -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23334_none_de2b3c5580eb0cdd\mrxsmb.sys
[2016/01/22 07:03:38 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=22053A5093764F1DA22A81BD3E4943FF -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23338_none_de2f3d7d80e77239\mrxsmb.sys
[2016/10/10 16:56:18 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=25F918BB5D57C99FFEB0255143D0DF9A -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23571_none_ddfcff93810e2aea\mrxsmb.sys
[2017/03/08 05:56:37 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=2EB36DF5E373FCD1783F941A85803F9F -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23714_none_de40e3c580dac997\mrxsmb.sys
[2015/10/20 01:48:03 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=2ED53F050EBB446794236BB0D5E28F4F -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23250_none_de11996f80fee23c\mrxsmb.sys
[2015/12/30 19:43:39 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=32B85C4923D895B2FB35821A799BA38D -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19110_none_ddb33c5467c0d2ae\mrxsmb.sys
[2016/09/02 16:55:12 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=341C65D6D4E9AB705258AC83511F7ADD -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23539_none_de30419380e685de\mrxsmb.sys
[2016/01/22 06:59:53 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=355DF71D1DD1999E8AEDF986534B233C -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19135_none_dda29dee67cc8943\mrxsmb.sys
[2016/03/16 01:03:01 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=355E6E6B432892A5B20750EA5B317F3C -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23390_none_dde65ba5811f4f27\mrxsmb.sys
[2015/07/22 18:45:48 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=43E1F4B0EFDC244D2A83995CCD7846F7 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18939_none_dda6c50e67c8be36\mrxsmb.sys
[2015/08/04 18:54:44 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=4D7B0528D458F5E80BADFCDE33713036 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23153_none_de14986780fc311a\mrxsmb.sys
[2015/07/15 18:55:35 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=54FF5D75FFA8107A51A277C8791C1C4C -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23136_none_de2d391d80e9453d\mrxsmb.sys
[2016/01/16 19:42:32 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=55BC784C80F64F90AC9D7E2A30560752 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19131_none_dd9e9cc667d023e7\mrxsmb.sys
[2011/05/04 04:41:47 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=629086CABFDFBE0AF7253CB6A494E35A -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20959_none_dc34761183d018e0\mrxsmb.sys
[2017/01/05 19:25:29 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=632E8A00090E4F85F304E152C92C7F2C -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23642_none_de1e718780f4ed95\mrxsmb.sys
[2015/10/20 01:41:20 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=73ADDCC406B86E7DA4416691E8E74BDA -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19045_none_dd97cc1c67d4a80d\mrxsmb.sys
[2015/06/27 18:54:40 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=7490F993D0278665A09064B355BC8491 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23112_none_de3ed7cd80dca7ff\mrxsmb.sys
[2011/07/12 23:22:39 | 000,157,696 | ---- | M] (Microsoft Corporation) MD5=767A4C3BCF9410C286CED15A2DB17108 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16539_none_dbc0736c6aa249bf\mrxsmb.sys
[2017/02/09 17:55:48 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=819426D736BCBD31CC7CA27221954E04 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23677_none_de0303358108c01b\mrxsmb.sys
[2015/10/16 18:51:21 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=81D3D2256A486634B651E8FAA31A60A8 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23249_none_de256bf580eeaa5a\mrxsmb.sys
[2016/11/20 17:58:19 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=8A6DD6FDCCC010F7C6480EE7D0C3B92E -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23601_none_de48b0ed80d5647a\mrxsmb.sys
[2011/04/27 04:31:57 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=8D841161A355809EF86819FD3C6361D3 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21714_none_de41115580da9655\mrxsmb.sys
[2015/07/15 03:52:06 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=92D8ABE55ADE489EFC9EBEADFA3FE0AF -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18923_none_ddab933e67c60a3b\mrxsmb.sys
[2011/07/12 23:22:39 | 000,157,696 | ---- | M] (Microsoft Corporation) MD5=968613CC6C0F7427FAC62ACED6F7B8C5 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20655_none_dc306f3783d3bc0f\mrxsmb.sys
[2015/10/16 18:38:58 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=A0F06B32779DB8C9B4DD0EB6EF8CF71E -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19043_none_dd95cb8867d6755f\mrxsmb.sys
[2011/04/27 04:40:40 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=A5D9106A73DC88564C825D317CAC68AC -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17605_none_ddc344c067b3f3f1\mrxsmb.sys
[2015/09/29 03:50:29 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=ACB6782973BD93760D597FC7BB37E692 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19018_none_ddbb3cbe67b9a03f\mrxsmb.sys
[2016/03/17 23:38:06 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=ACEC16415275E1AD6F7983EF472810E3 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23392_none_dde85c39811d81d5\mrxsmb.sys
[2015/07/15 18:46:59 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=B2081803D510DCE174992BA880EDCA70 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18933_none_dda0c35267ce262c\mrxsmb.sys
[2016/03/16 19:34:10 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=B7264C444D6F3E5B2D10FC23D3B1035E -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23391_none_dde75bef811e687e\mrxsmb.sys
[2011/02/23 07:15:27 | 000,157,696 | ---- | M] (Microsoft Corporation) MD5=B7F3D2C40BDF8FFB73EBFB19C77734E2 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16765_none_db9c064c6abe3284\mrxsmb.sys
[2016/07/08 16:57:09 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=B7FADA5E1E55BB63F90EB9F8F016113B -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23497_none_dded5f918118fdaf\mrxsmb.sys
[2011/02/23 05:47:58 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=BE3A495095CD3307DE152EFDAC946C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20907_none_dc68851983a95a7d\mrxsmb.sys
[2011/02/23 06:56:31 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=C2B4651001A867FF3F8865863B592991 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17565_none_dd82635267e49e70\mrxsmb.sys
[2015/09/28 18:53:18 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=C41D42E32E465D3E15E8D25D565EA457 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23223_none_de350a1180e3da6e\mrxsmb.sys
[2011/02/23 05:32:17 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=CD291E3C21C61E17972DFAF8E2E2E5DA -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21666_none_de0d006781015791\mrxsmb.sys
[2009/07/14 01:24:00 | 000,157,184 | ---- | M] (Microsoft Corporation) MD5=CFDCD8CA87C2A657DEBC150AC35B5E08 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16385_none_db865edc6ace75ca\mrxsmb.sys
[2015/06/27 18:46:05 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=D32D828A9909FA3FD5D65ED52899CFA4 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18909_none_ddc734d267b06a63\mrxsmb.sys
[2015/12/30 19:49:55 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=D9481C84DA831290F7AB4F190EEFA253 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23313_none_de3fdbe380dbbba4\mrxsmb.sys
[2015/07/01 18:55:44 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=E9DD0E8829567362C1051E0905174DDE -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23115_none_de41d8ab80d9f404\mrxsmb.sys
[2015/07/15 04:00:18 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=F07DBC8FF60E6F38958AFEF3A6D50CD7 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23126_none_de38090980e1294c\mrxsmb.sys
[2010/11/20 11:27:43 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=FAF015B07E3A2874A790A39B7D2C579F -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_ddb772a467bcf964\mrxsmb.sys
[2016/09/12 22:32:44 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=FCA01B0C70DAE9BE557577E719469D17 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23545_none_de21707f80f23c73\mrxsmb.sys

[color=#A23BEC]< MD5 for: MRXSMB10.SYS >[/color]
[2016/03/16 01:02:22 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=0631CC5098CC713568BCE103D8CB9575 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23390_none_e6f979f97b708d89\mrxsmb10.sys
[2010/11/20 11:26:53 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=08E2345DF129082BCDFFDC1440F9C00D -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.17514_none_e6ca90f8620e37c6\mrxsmb10.sys
[2017/01/05 19:24:54 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=0D9C05484F2F4BD9D33A615D5DBE67EA -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23642_none_e7318fdb7b462bf7\mrxsmb10.sys
[2016/03/17 23:37:14 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=0F276F2F2018296FABC7BD2BCCAAB40B -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23392_none_e6fb7a8d7b6ec037\mrxsmb10.sys
[2015/07/15 03:51:26 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=1BE5CBBCA154F1852D434E4CD814124C -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18923_none_e6beb1926217489d\mrxsmb10.sys
[2009/07/14 01:24:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=1BEE517B220B7F024F411AEC1571DD5A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.16385_none_e4997d30651fb42c\mrxsmb10.sys
[2015/07/01 21:26:43 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=21AF322605D8C7F2A627C22634D1C9C9 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18912_none_e6c8813462101355\mrxsmb10.sys
[2015/09/29 03:49:43 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=262BF7BB7D0E44CFAA9B12A1E0A6EDF1 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19018_none_e6ce5b12620adea1\mrxsmb10.sys
[2011/07/09 04:44:03 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=274F3D9A686A5C62BE62BF736D93FEA2 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.21005_none_e5797afb7dfc9973\mrxsmb10.sys
[2011/07/12 23:22:39 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=2DD6A56A8C7B58F3181C98E536A327B2 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.20655_none_e5438d8b7e24fa71\mrxsmb10.sys
[2016/07/08 16:56:37 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=34AFF1849B3EC042C40C5EEC9D78562A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23497_none_e7007de57b6a3c11\mrxsmb10.sys
[2015/09/28 18:52:38 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=3506A48B62E236CBC546D67B763BB75D -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23223_none_e74828657b3518d0\mrxsmb10.sys
[2016/09/12 22:32:11 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=386BE96797C5B480AD31E8B50CEE337C -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23545_none_e7348ed37b437ad5\mrxsmb10.sys
[2015/07/01 18:55:02 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=53AED80EDC6949A55EFC68DDFE85ACFD -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23115_none_e754f6ff7b2b3266\mrxsmb10.sys
[2015/07/15 18:46:17 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=552FA62B0EFECD22D8D52499324BCA4F -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18933_none_e6b3e1a6621f648e\mrxsmb10.sys
[2015/08/04 18:54:03 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=58025289A49408ED35B8DF83C65B0742 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23153_none_e727b6bb7b4d6f7c\mrxsmb10.sys
[2015/10/17 18:45:26 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=5CB840A0C6DEC045636B870D556334DF -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19044_none_e6a9ea266226cd18\mrxsmb10.sys
[2015/07/22 18:44:51 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=62CEA59FF56B66154E08BD51D87392C2 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18939_none_e6b9e3626219fc98\mrxsmb10.sys
[2015/10/16 18:38:02 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=63251F86EF415386F46238DB061BF678 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19043_none_e6a8e9dc6227b3c1\mrxsmb10.sys
[2016/01/17 01:17:24 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=65069BD359BF707289D00B6A35704AE3 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23334_none_e73e5aa97b3c4b3f\mrxsmb10.sys
[2015/06/27 18:53:58 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=68AB3D574BF65241E652F6C2DA50D54D -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23112_none_e751f6217b2de661\mrxsmb10.sys
[2016/11/20 17:57:45 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=68C12354AEA8FB5B559F5F69EF1C0DF0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23601_none_e75bcf417b26a2dc\mrxsmb10.sys
[2017/03/08 05:56:03 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=6C6A67FFEC4C06AEB61BC07E5E5B03C1 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23714_none_e75402197b2c07f9\mrxsmb10.sys
[2015/07/15 18:54:46 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=6DD6020C040A77FA85E1BAC2760EA1FE -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23136_none_e74057717b3a839f\mrxsmb10.sys
[2016/01/22 07:02:40 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=720B99235643BF6B1A3B4FB729DA8B47 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23338_none_e7425bd17b38b09b\mrxsmb10.sys
[2015/10/20 01:40:43 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=7C81098FBAF2EAF5B54B939F832B0F61 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19045_none_e6aaea706225e66f\mrxsmb10.sys
[2011/07/09 04:34:29 | 000,288,768 | ---- | M] (Microsoft Corporation) MD5=7C95D3C4E3DA5289CE94E408DDC42E0D -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.21767_none_e72120eb7b51ac71\mrxsmb10.sys
[2011/02/23 05:47:55 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=7CB653DD8E58B99849B6DAFDBC8F17FF -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.20907_none_e57ba36d7dfa98df\mrxsmb10.sys
[2011/02/23 06:55:12 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=7E79946AFC5F799AB62982282BE5AC13 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.17565_none_e69581a66235dcd2\mrxsmb10.sys
[2016/04/09 07:44:06 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=8308FC2E9147D7632221E3279BB14660 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23418_none_e757fd8f7b2875e0\mrxsmb10.sys
[2017/02/09 17:55:13 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=85CB449B319AF69A3538BB1B97EEA2E5 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23677_none_e71621897b59fe7d\mrxsmb10.sys
[2011/02/23 07:15:14 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=86C6F88B5168CE21CF8D69D0B3FF5D19 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.16765_none_e4af24a0650f70e6\mrxsmb10.sys
[2016/02/11 19:34:01 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=8856E45D23BFF4D977BF06D0543BCD96 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19160_none_e6904b0c623a9cc5\mrxsmb10.sys
[2016/10/10 16:55:44 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=8DF2B80510F438CFEC479181BD29C794 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23571_none_e7101de77b5f694c\mrxsmb10.sys
[2011/07/12 23:22:39 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=920EE0FF995FCFDEB08C41605A959E1C -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.16539_none_e4d391c064f38821\mrxsmb10.sys
[2015/10/16 18:50:25 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=964D7931311A8A1CE48C0E2246FB3C88 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23249_none_e7388a497b3fe8bc\mrxsmb10.sys
[2016/01/22 06:58:52 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=A16FC9323A85CAEA5804D04646A91CF9 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19135_none_e6b5bc42621dc7a5\mrxsmb10.sys
[2017/04/28 02:11:40 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=A1EAC982807B3179DD92235B6B709C0A -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2017/04/28 02:11:40 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=A1EAC982807B3179DD92235B6B709C0A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23796_none_e6ff834d7b6b1a2f\mrxsmb10.sys
[2015/12/30 19:42:48 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=A572BEF41F3C55D7DAF24D2340C91FEC -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19110_none_e6c65aa862121110\mrxsmb10.sys
[2015/07/22 22:34:31 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=AB69FB03D4263EC7CCC069B3DEA58D5A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23142_none_e731865d7b463a34\mrxsmb10.sys
[2016/01/16 19:41:41 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=BBBA7E2A7C9A88A6CA6C5395C83FA781 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19131_none_e6b1bb1a62216249\mrxsmb10.sys
[2011/02/23 05:31:15 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=BF3F910D4B8BE206DDCC3771CD484817 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.21666_none_e7201ebb7b5295f3\mrxsmb10.sys
[2011/07/09 04:46:28 | 000,288,768 | ---- | M] (Microsoft Corporation) MD5=D711B3C1D5F42C0C2415687BE09FC163 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.17647_none_e6ad23f86223d4c5\mrxsmb10.sys
[2016/03/16 19:33:22 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=DBFF2DE9612D2CE3A91B6C5A8D5147ED -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23391_none_e6fa7a437b6fa6e0\mrxsmb10.sys
[2016/05/12 16:58:12 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=DCC4343B422A13B42C7678998449CE8A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23452_none_e726bc237b4e4d9a\mrxsmb10.sys
[2016/02/10 19:39:45 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=DE53C6BE0EDF7DE40D365A745EC44F6B -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23349_none_e7388c2f7b3fe5e3\mrxsmb10.sys
[2015/10/20 01:47:20 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=EADA539EA6EF0BA85DC2B01D7FA5836A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23250_none_e724b7c37b50209e\mrxsmb10.sys
[2015/10/01 18:46:47 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=EE027CDA1B02E3EAE2BBCEB354B6DAAA -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23226_none_e74b29437b3264d5\mrxsmb10.sys
[2011/07/09 04:44:55 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=F0067552F8F9B33D7C59403AB808A3CB -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7600.16847_none_e4c6c6f264fd68d9\mrxsmb10.sys
[2015/07/15 03:59:25 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=F4D587FB3E7935A4D748B1247A2296D4 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23126_none_e74b275d7b3267ae\mrxsmb10.sys
[2016/09/02 16:54:40 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=F93EDDF0B69760456C6E0D73405AC078 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23539_none_e7435fe77b37c440\mrxsmb10.sys
[2015/12/30 19:48:59 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=FA7B0C3A145052840A4A6D329FE326DE -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23313_none_e752fa377b2cfa06\mrxsmb10.sys
[2015/06/27 18:45:17 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=FCAE45BD090866361F1CF0617B3955D7 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18909_none_e6da53266201a8c5\mrxsmb10.sys

[color=#A23BEC]< MD5 for: MRXSMB20.SYS >[/color]
[2011/07/12 23:22:39 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=00716986E11C4F6A53E1177683D1DB20 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.20655_none_e779f79dbc7c2de2\mrxsmb20.sys
[2016/07/08 16:56:34 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=058CE7A55E140EB0C72FBA6FD2FA72DE -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23497_none_e936e7f7b9c16f82\mrxsmb20.sys
[2015/10/16 18:50:22 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0D08809D6548D5C69D36102E1A506B1A -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23249_none_e96ef45bb9971c2d\mrxsmb20.sys
[2011/02/23 05:31:12 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=101D2F8E1C218699214EFB0D93BE88B0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.21666_none_e95688cdb9a9c964\mrxsmb20.sys
[2010/11/20 11:26:47 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=108D87409C5812EF47D81E22843E8C9D -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.17514_none_e900fb0aa0656b37\mrxsmb20.sys
[2016/01/17 01:17:18 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=1309D84616C4E56EA46114A5844DDEB6 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23334_none_e974c4bbb9937eb0\mrxsmb20.sys
[2016/03/17 23:37:11 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=1D4B7972375052F5B7877A6FD9BE33A0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23392_none_e931e49fb9c5f3a8\mrxsmb20.sys
[2016/04/09 07:44:03 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=1F8DA4ECAEA7E2BCD97E738795817431 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23418_none_e98e67a1b97fa951\mrxsmb20.sys
[2016/01/22 06:58:46 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=2539BE615440BA1EA4CF84A66B6C0AF9 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19135_none_e8ec2654a074fb16\mrxsmb20.sys
[2016/11/20 17:57:43 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=307E956C0DE630EE0ACE657233C0E83F -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23601_none_e9923953b97dd64d\mrxsmb20.sys
[2016/02/10 19:39:40 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=36E0D6F8741BC73C3BE0E4C367D1465F -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23349_none_e96ef641b9971954\mrxsmb20.sys
[2011/05/04 04:51:05 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3C142D31DE9F2F193218A53FE2632051 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.16808_none_e72970fea33345dd\mrxsmb20.sys
[2011/02/23 05:47:51 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=41945247D93D13FB594CCE553E6B4AA3 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.20907_none_e7b20d7fbc51cc50\mrxsmb20.sys
[2016/03/16 01:02:19 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=448E1B0809DEECC5A37E64E80FFA7597 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23390_none_e92fe40bb9c7c0fa\mrxsmb20.sys
[2015/07/15 03:59:21 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=451C0626955CC209B9FB7349E87D3597 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23126_none_e981916fb9899b1f\mrxsmb20.sys
[2015/07/01 21:26:37 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=45A03A0B6461EFBEE77E0A6AC2816EDA -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18912_none_e8feeb46a06746c6\mrxsmb20.sys
[2016/05/12 16:58:10 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=46C4F5BEE8D98BB1688752EAD0ABB7C0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23452_none_e95d2635b9a5810b\mrxsmb20.sys
[2015/12/30 19:48:53 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=4D7CFD9921D9CB8488E23BCF3FF66E15 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23313_none_e9896449b9842d77\mrxsmb20.sys
[2015/07/01 18:54:59 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=56EDB4E0EF919D89B34DE0140B409FB1 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23115_none_e98b6111b98265d7\mrxsmb20.sys
[2016/03/16 19:33:17 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=5E36F5DB9D77773DEDBEF61A20BD9F4E -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23391_none_e930e455b9c6da51\mrxsmb20.sys
[2011/02/23 06:55:12 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=5FB954100CEA2BFEC6446FBBECAA3F79 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.17565_none_e8cbebb8a08d1043\mrxsmb20.sys
[2017/01/05 19:24:53 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=6123E6FECC1C164022868FB1982271BE -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23642_none_e967f9edb99d5f68\mrxsmb20.sys
[2009/07/14 01:24:06 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=6B2D5FEF385828B6E485C1C90AFB8195 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.16385_none_e6cfe742a376e79d\mrxsmb20.sys
[2015/10/16 18:37:58 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=71C002B1B9DC8B39506667200247004F -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19043_none_e8df53eea07ee732\mrxsmb20.sys
[2015/10/01 18:46:41 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=72A8D4EC5B6C0221FBFD8BC07AAA1C1C -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23226_none_e9819355b9899846\mrxsmb20.sys
[2011/07/12 23:22:39 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=740D7EA9D72C981510A5292CF6ADC941 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.16539_none_e709fbd2a34abb92\mrxsmb20.sys
[2016/01/16 19:41:33 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=7A9ED330FCC5192960CB40D35FB1429D -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19131_none_e8e8252ca07895ba\mrxsmb20.sys
[2015/07/22 18:44:45 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=7D65B5E9573A26C204AA547457DBF544 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18939_none_e8f04d74a0713009\mrxsmb20.sys
[2016/09/12 22:32:09 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=841474CF2EB14F826038FBCC7D85B857 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23545_none_e96af8e5b99aae46\mrxsmb20.sys
[2015/06/27 18:45:14 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=8A5E163D645DB5AAF91F2CF57607145C -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18909_none_e910bd38a058dc36\mrxsmb20.sys
[2015/09/29 03:49:31 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=8C0376974AA28398FF501E78C04ACB30 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19018_none_e904c524a0621212\mrxsmb20.sys
[2016/02/11 19:33:54 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=8D383CED28332B5F3894658857472F47 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19160_none_e8c6b51ea091d036\mrxsmb20.sys
[2015/07/15 18:54:37 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=91A46A07FFADABC32C222E361ABDA048 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23136_none_e976c183b991b710\mrxsmb20.sys
[2011/04/27 04:39:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=9423E9D355C8D303E76B8CFBD8A5C30C -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.17605_none_e90ccd26a05c65c4\mrxsmb20.sys
[2015/07/15 18:46:13 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=97687971F9CB30E2633DE0F1296B9F61 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18933_none_e8ea4bb8a07697ff\mrxsmb20.sys
[2015/06/27 18:53:52 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=978E02388CD31C5E1F9D081AD56D991C -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23112_none_e9886033b98519d2\mrxsmb20.sys
[2015/10/20 01:47:14 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=9AA87D3F72DB2409548FA3CA04943942 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23250_none_e95b21d5b9a7540f\mrxsmb20.sys
[2011/05/04 04:41:42 | 000,128,512 | ---- | M] (Microsoft Corporation) MD5=A2B72CE0E5A6F639F6CAEBB2FC8E7070 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.20959_none_e77dfe77bc788ab3\mrxsmb20.sys
[2016/09/02 16:54:38 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=A558D659B722FE5FB8C6E1BF288F7316 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23539_none_e979c9f9b98ef7b1\mrxsmb20.sys
[2015/09/28 18:52:35 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=A73D3F8B1A74AA6322ED23C34FA8A871 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23223_none_e97e9277b98c4c41\mrxsmb20.sys
[2015/10/20 01:40:39 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=ACB763673BCCE6C7B3B8F858C9FE4F1F -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19045_none_e8e15482a07d19e0\mrxsmb20.sys
[2015/08/04 18:54:01 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=AE81C16A65C6156D3DDDE03E36FD93BA -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23153_none_e95e20cdb9a4a2ed\mrxsmb20.sys
[2015/10/17 18:45:22 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=AFCC11AF6D1EF98904D83865A6394C63 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19044_none_e8e05438a07e0089\mrxsmb20.sys
[2011/02/23 07:15:13 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=B081069251C8E9F42CB8769D07148F9C -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7600.16765_none_e6e58eb2a366a457\mrxsmb20.sys
[2015/07/15 03:51:23 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=B69491F744BE240D75F7AC1B9080CD75 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18923_none_e8f51ba4a06e7c0e\mrxsmb20.sys
[2017/02/09 17:55:12 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=C0B2DC34587FE163997055AA38EB883A -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23677_none_e94c8b9bb9b131ee\mrxsmb20.sys
[2015/12/30 19:42:41 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=C49F1C4CA74FC52AFB2E892D8E50EA39 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19110_none_e8fcc4baa0694481\mrxsmb20.sys
[2015/07/22 22:34:23 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=CDE84D3A8E8749B6EFC9CD2B08FD3BD3 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23142_none_e967f06fb99d6da5\mrxsmb20.sys
[2017/03/08 05:56:01 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=D9973E3B4637A4EA35DBF86A26F58270 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23714_none_e98a6c2bb9833b6a\mrxsmb20.sys
[2011/04/27 04:30:51 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=DCEA03016B88D32FA26B3B74FAB64261 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.21714_none_e98a99bbb9830828\mrxsmb20.sys
[2016/01/22 07:02:35 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=E1699BFB660C2F1D9B48D6D7D537F7A8 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23338_none_e978c5e3b98fe40c\mrxsmb20.sys
[2017/04/28 02:11:38 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=E6B504F163094F2DB84F7D34A893FA00 -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2017/04/28 02:11:38 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=E6B504F163094F2DB84F7D34A893FA00 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23796_none_e935ed5fb9c24da0\mrxsmb20.sys
[2016/10/10 16:55:42 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=F7622CFE3402A9BF10227BB124901E54 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23571_none_e94687f9b9b69cbd\mrxsmb20.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2015/10/13 01:04:07 | 000,949,184 | ---- | M] (Microsoft Corporation) MD5=901D1BE3F8567B5D02747B1174FF708F -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_0661f94b4bdbc702\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
[2015/10/13 06:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\SysNative\drivers\ndis.sys
[2015/10/13 06:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_05d3592832c2ab5e\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2011/07/12 23:24:00 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/07/12 23:24:00 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

[color=#A23BEC]< MD5 for: RASACD.SYS >[/color]
[2009/07/14 02:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys
[2009/07/14 02:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

[color=#A23BEC]< MD5 for: RDPCDD.SYS >[/color]
[2009/07/14 02:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- C:\Windows\SysNative\drivers\RDPCDD.sys
[2009/07/14 02:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- C:\Windows\winsxs\amd64_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_30d015c257effe8b\RDPCDD.sys

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015/04/11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015/04/13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015/04/13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2016/09/02 16:53:52 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=07FA7B813F15F0A19AF82D77CE8CF978 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23539_none_0ad97c5b48fab675\smss.exe
[2015/03/17 07:16:11 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=0B6514A14631E41DE4D6D40D1C80BE68 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18798_none_0a0e1c38300e82ce\smss.exe
[2015/10/20 03:11:06 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=12E497414382EF5970A5E42AEBA7AD2E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23250_none_0abad437491312d3\smss.exe
[2016/01/16 19:39:43 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=14B751D2C502A2E3E37CD3C8C99F5488 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19131_none_0a47d78e2fe4547e\smss.exe
[2015/05/25 20:21:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18196A0F4C3904C81ACE6E91529227D9 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23072_none_0aa7312749218315\smss.exe
[2017/02/09 17:54:25 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18F07105165405B192B70C6D83C277EC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23677_none_0aac3dfd491cf0b2\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2016/04/09 07:43:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1CBDCAC093542013BEE9E4700C74C784 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23418_none_0aee1a0348eb6815\smss.exe
[2015/03/17 07:11:20 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=206A6B71AC09D9F7651F0A8B015676C7 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23002_none_0af2e09b48e8bf7e\smss.exe
[2017/03/08 05:55:15 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=2A2D1492F7D7B2F00B19F5182D95E41D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23714_none_0aea1e8d48eefa2e\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22780_none_0a9a84b9492b3ec8\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22908_none_0af90a3548e32446\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22921_none_0adc685748f9aac7\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22923_none_0ade68eb48f7dd75\smss.exe
[2017/04/28 02:10:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=40F6E4AAFC115348C080F7A160C7FB36 -- C:\Windows\SysNative\smss.exe
[2017/04/28 02:10:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=40F6E4AAFC115348C080F7A160C7FB36 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23796_none_0a959fc1492e0c64\smss.exe
[2013/03/19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2015/07/23 02:02:14 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=50EEE09D03B94A13DFEFEFC1D774FC31 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18939_none_0a4fffd62fdceecd\smss.exe
[2015/07/15 20:10:25 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=55C48343919A72B0C8F5C42E4C798FCA -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18933_none_0a49fe1a2fe256c3\smss.exe
[2016/02/10 19:37:58 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=56518E444CA1D4BEAD4819B6D9528E4B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23349_none_0acea8a34902d818\smss.exe
[2015/07/15 20:08:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=5E200958CFBDB2B82C78B6F883236640 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23136_none_0ad673e548fd75d4\smss.exe
[2015/02/03 05:30:42 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=63D3C30B497347495B8EA78A38188969 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe
[2015/08/04 20:12:02 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=673173E434A15DCF217998299C356A9E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23153_none_0abdd32f491061b1\smss.exe
[2016/03/17 23:35:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=682586CACD78EF53EF7301B4180EB595 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23392_none_0a9197014931b26c\smss.exe
[2013/03/19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2015/09/28 20:15:54 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=740DBD927AE4C290E62023F09CC8740E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23223_none_0ade44d948f80b05\smss.exe
[2016/01/22 06:57:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=789035A84618AC25CEDC91606029A4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19135_none_0a4bd8b62fe0b9da\smss.exe
[2016/03/16 19:31:37 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7FCFD859F3B53C6A2F334D41BC54B3FE -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23391_none_0a9096b749329915\smss.exe
[2016/01/17 01:15:38 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=839CD174F686363771B6A0BBE87CCD16 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23334_none_0ad4771d48ff3d74\smss.exe
[2015/01/29 05:18:52 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=83C0199B7C06AC3C33212E1A0DC2260E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18738_none_0a4efbc02fdddb28\smss.exe
[2015/02/03 05:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=8CD5A97B8D155718D357B2D9BC6B113D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe
[2015/10/20 03:05:13 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9066AE964D95B1ABC999CED271556A7C -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19045_none_0a4106e42fe8d8a4\smss.exe
[2015/10/01 20:06:20 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9815B80E8F45D4CFF468899A444FE3B8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23226_none_0ae145b748f5570a\smss.exe
[2015/05/25 20:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18869_none_0a2f8e2c2ff54579\smss.exe
[2016/10/07 16:56:08 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=A4BDB0372693A539C21D4C7D21CC0C46 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23569_none_0ab90c9749130a48\smss.exe
[2016/10/11 16:55:01 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=A71ADA4E6F61E0EA5E6FC45F020AEB1D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23572_none_0aa73aa5492174d8\smss.exe
[2015/07/15 05:19:24 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B094FD54A16671683B4A27A8C43BCDD0 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18923_none_0a54ce062fda3ad2\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2016/09/09 19:43:16 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B4EA50C9844E9F7F27AF7F374DE1A4EA -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23543_none_0ac8aab349083a5c\smss.exe
[2015/01/27 05:56:16 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B75198D88A34994DE1E4D9F2286DF759 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22943_none_0ac8c91349081557\smss.exe
[2016/02/11 19:32:18 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=BAB3E8C0C2CFC7A9DC6A52615BC6064E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19160_none_0a2667802ffd8efa\smss.exe
[2015/07/15 05:19:40 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=C95509F69D3584BB216C5B2365E74956 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23126_none_0ae143d148f559e3\smss.exe
[2013/08/02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2015/04/27 21:17:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CF8DC00FA29243A347AD4B605AFFF1E5 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23040_none_0ac5a057490afc94\smss.exe
[2015/09/29 05:10:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=D2E2A613EBD0C959E72556C3A63A6B4A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19018_none_0a6477862fcdd0d6\smss.exe
[2015/04/27 21:22:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=DA5EF2CC0764BE7097BAFA9CAF903FE8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18839_none_0a4ffdf02fdcf1a6\smss.exe
[2015/12/30 19:46:49 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E2AABC6F2DE2B7E7EBBC08E66873EBB8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23313_none_0ae916ab48efec3b\smss.exe
[2015/07/23 00:03:29 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E31F311AEACDAB79CFA4E5B5ACB2B954 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23142_none_0ac7a2d149092c69\smss.exe
[2013/07/08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2016/01/22 08:27:45 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F7EF6821E330D14E3A84649A35C86217 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23338_none_0ad8784548fba2d0\smss.exe
[2013/03/19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe
[2015/12/30 19:41:00 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA792622268EE423FC5E6AE23FB43599 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19110_none_0a5c771c2fd50345\smss.exe

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2012/02/11 08:29:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=567977DC43CC13C4C35ED7084C0B84D5 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe
[2012/02/11 08:26:04 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=807B5B0E287027F72AC37B0CDA9512DA -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe
[2011/07/12 23:16:56 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe
[2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[2009/07/14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010/11/20 15:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2012/02/11 08:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe
[2011/07/12 23:16:56 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe

[color=#A23BEC]< MD5 for: STORPORT.SYS >[/color]
[2009/07/14 03:45:55 | 000,185,936 | ---- | M] (Microsoft Corporation) MD5=141E6F0B54DA421B8DE146F5AD947760 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.16385_none_8371405049dfec7a\storport.sys
[2011/03/11 08:41:37 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=19CB37AC38B802BE9C441D094521A29A -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.17577_none_8564756e46fc63bf\storport.sys
[2011/07/12 23:24:00 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=29190F32060052EBA114ABF097334865 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.20712_none_8443916362c7741d\storport.sys
[2011/03/11 08:19:25 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=337707BA01B8C246F5CECB518CC0C3E6 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.21680_none_85dc404760286e19\storport.sys
[2011/07/12 23:24:00 | 000,187,264 | ---- | M] (Microsoft Corporation) MD5=46A458C6EFE2104C36182CD7631337A7 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.16592_none_8363735249eab6b4\storport.sys
[2014/02/04 04:35:56 | 000,190,912 | ---- | M] (Microsoft Corporation) MD5=A3F0BC5897F9D3786A3CB695B163633A -- C:\Windows\SysNative\drivers\storport.sys
[2014/02/04 04:35:56 | 000,190,912 | ---- | M] (Microsoft Corporation) MD5=A3F0BC5897F9D3786A3CB695B163633A -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.18386_none_85588aa4470585ac\storport.sys
[2011/03/11 08:25:58 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=C3E909418DFE3C8E26BD873D9E01153C -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.20921_none_8437c4f962d07105\storport.sys
[2010/11/20 15:33:57 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=CCE3074CEE5F2FAF1E7468F224C409CC -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.17514_none_85a2541846ce7014\storport.sys
[2011/03/11 08:23:13 | 000,187,264 | ---- | M] (Microsoft Corporation) MD5=CFD8802CAC57D3AFE0C687786E9E55F8 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7600.16778_none_837f18b249d5112a\storport.sys
[2014/02/04 04:37:55 | 000,191,424 | ---- | M] (Microsoft Corporation) MD5=FFC20D2055686D6F1BD8060FD93F4322 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.22589_none_85e52a3360206ea2\storport.sys

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2017/04/04 17:34:38 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=351A21ED3971ADD558956FF3EB0F6FED -- C:\Windows\SysNative\drivers\tcpip.sys
[2017/04/04 17:34:38 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=351A21ED3971ADD558956FF3EB0F6FED -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23761_none_11947868964edb1a\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013/05/08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2011/07/12 23:20:55 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013/01/04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012/03/30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013/01/03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/07/12 23:20:55 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013/05/08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2016/07/07 17:36:20 | 001,896,168 | ---- | M] (Microsoft Corporation) MD5=B2875D7ABB82867DC3AA03D991940201 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23496_none_117904649662b62b\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

[color=#A23BEC]< MD5 for: TERMDD.SYS >[/color]
[2010/11/20 15:33:57 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\SysNative\drivers\termdd.sys
[2010/11/20 15:33:57 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\termdd.sys
[2010/11/20 15:33:57 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\termdd.sys
[2009/07/14 03:45:55 | 000,062,544 | ---- | M] (Microsoft Corporation) MD5=C448651339196C0E869A355171875522 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\termdd.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WIN32K.SYS >[/color]
[2016/02/04 19:52:53 | 003,211,264 | ---- | M] (Microsoft Corporation) MD5=05FD1920E7D9965F33DBBBEE58387B24 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.19145_none_16f9da87b13dffd1\win32k.sys
[2012/01/14 06:00:52 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=0777AD78CEF3B17D12C3A1988282952B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21898_none_1750a188ca8132fd\win32k.sys
[2015/01/09 04:05:41 | 003,204,608 | ---- | M] (Microsoft Corporation) MD5=08DB65D499AFA984680BEF89444F94BB -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22919_none_17a80c50ca3f8394\win32k.sys
[2012/07/18 19:22:09 | 003,151,360 | ---- | M] (Microsoft Corporation) MD5=0BEA3EEDF5DA0C2160EB8C4EAC18AAD2 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22060_none_1768e904ca7044db\win32k.sys
[2011/06/11 05:01:45 | 003,139,072 | ---- | M] (Microsoft Corporation) MD5=0DF3BD068DBB6BB760F28932D4D7F78E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20983_none_15701116cd572f46\win32k.sys
[2013/03/01 05:32:29 | 003,150,848 | ---- | M] (Microsoft Corporation) MD5=15CFE2E15703D323D2FE2F0CF6F0C99E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17266_none_14fef2d5b426ce56\win32k.sys
[2013/08/28 03:21:06 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=19320B121BFE7462EADD50A42C81AFD0 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18246_none_16faf37fb13cfcae\win32k.sys
[2016/03/29 19:53:59 | 003,216,896 | ---- | M] (Microsoft Corporation) MD5=1D0A5FF3C7C7EA7480429D16D38B60EA -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23407_none_17b0bb62ca395cd3\win32k.sys
[2012/05/15 03:25:43 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=1D7EDEAD6891810BCF8566B2319A8B11 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21995_none_174da290ca83e41f\win32k.sys
[2015/02/26 05:19:27 | 003,207,680 | ---- | M] (Microsoft Corporation) MD5=1EE0CEA5AFD1E08D33A4996EADA5F9E3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22978_none_17662c7eca7111e3\win32k.sys
[2015/05/25 19:08:39 | 003,206,144 | ---- | M] (Microsoft Corporation) MD5=1EE2DBA5AD2E5EB618C7FB187C2CFDF4 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18869_none_16e85fe9b14a6f7f\win32k.sys
[2015/09/02 03:56:38 | 003,212,288 | ---- | M] (Microsoft Corporation) MD5=1F28446E4A5FC14A7AB487A5472ABD9F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23188_none_175b369aca795e3d\win32k.sys
[2016/01/07 20:00:32 | 003,215,360 | ---- | M] (Microsoft Corporation) MD5=245A41B147F849134F05848BC7590911 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23317_none_17a5e990ca417b9d\win32k.sys
[2012/11/23 05:35:07 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=26B161D96D1562819CBDF8A59DBA06D5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21380_none_156cee0ccd5a0df8\win32k.sys
[2012/01/14 06:06:27 | 003,145,728 | ---- | M] (Microsoft Corporation) MD5=275D3946B0EC22BA13FE299E97ABF606 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17762_none_16e172c5b150a756\win32k.sys
[2012/11/23 05:45:35 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=298CC3E47CB19627639BFA84F424BDD4 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17175_none_14f320b9b42fd3c9\win32k.sys
[2012/01/14 06:05:42 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=2A6231EDD1728E97E5C73A4C995331EF -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21127_none_15b4cbcecd231d65\win32k.sys
[2013/01/04 05:19:37 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=2E54977CED249DEBFBBFB205DD27C89C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22209_none_17b2cef2ca377b92\win32k.sys
[2016/08/16 04:35:57 | 003,218,432 | ---- | M] (Microsoft Corporation) MD5=2EE086581ECBACC396B294A0112FF16D -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23528_none_179c1dbaca48ab33\win32k.sys
[2011/09/06 05:07:02 | 003,134,976 | ---- | M] (Microsoft Corporation) MD5=31FB6EBACF9245B3A02E10F408EFF7B6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16878_none_14f645a9b42cf23e\win32k.sys
[2013/04/10 05:18:13 | 003,156,480 | ---- | M] (Microsoft Corporation) MD5=32B9233C4A7A4A546436A26E28FF8AA6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22296_none_174e7ec8ca832b06\win32k.sys
[2011/11/24 06:45:10 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=338E48AB7810E1B223DFECD82C44F5A3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21866_none_176f10b8ca6aac7c\win32k.sys
[2012/10/18 20:25:58 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=34B419EDEAC6F12B34908DE3758F98C9 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17977_none_16dba817b1543c48\win32k.sys
[2012/01/14 06:02:25 | 003,143,168 | ---- | M] (Microsoft Corporation) MD5=39FF1BFDC0D5868E8D032EA349D30F51 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16948_none_1516b753b4149b92\win32k.sys
[2011/11/24 06:52:41 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=3AD5AEA8772DBEB548D0863714D7959D -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21097_none_15691a74cd5be3d5\win32k.sys
[2012/11/22 05:28:17 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=3BB7D9504A6BAB5E49DD503F005955E6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22171_none_175f1b48ca77774a\win32k.sys
[2011/09/29 06:03:32 | 003,144,704 | ---- | M] (Microsoft Corporation) MD5=3C8CD264F784BD3BBA3F3A815BEBDE48 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17697_none_16c6028db1647cb5\win32k.sys
[2017/02/09 18:00:44 | 003,220,480 | ---- | M] (Microsoft Corporation) MD5=3E64CB38D9F567DF2D7F3576EC258BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23677_none_17650fbaca721ab8\win32k.sys
[2014/07/09 02:59:28 | 003,166,720 | ---- | M] (Microsoft Corporation) MD5=3E7BE3C11F521A8019EC3B5D410236E5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22739_none_179268acca4fc128\win32k.sys
[2014/10/09 08:49:16 | 003,201,536 | ---- | M] (Microsoft Corporation) MD5=3E9AF3C0D441F3C611789D6272A121A8 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22831_none_178a6842ca56f397\win32k.sys
[2015/11/10 19:47:27 | 003,211,264 | ---- | M] (Microsoft Corporation) MD5=4287A4345CFFDD4D7710B2FCFF6C21BC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.19061_none_16e037a1b151d530\win32k.sys
[2013/08/08 03:20:43 | 003,155,456 | ---- | M] (Microsoft Corporation) MD5=42A88ECF903BFE11411D188DCE830E84 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18233_none_1702c28db13794b8\win32k.sys
[2012/04/02 05:01:19 | 003,143,680 | ---- | M] (Microsoft Corporation) MD5=44DC57624E27B6EF3EA24F4892CB2620 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16988_none_14eb77a3b4350b56\win32k.sys
[2016/09/12 22:37:24 | 003,218,944 | ---- | M] (Microsoft Corporation) MD5=49B25EFF0A1510D210E87BFB4C09C5EF -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23545_none_17837d04ca5b9710\win32k.sys
[2013/01/04 05:22:49 | 003,150,848 | ---- | M] (Microsoft Corporation) MD5=4B8FAB281A9310C45A4F65378E5F7D81 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17206_none_153fd25db3f626b0\win32k.sys
[2012/06/12 05:08:36 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=511166D3F5D7EBA36DE48C4F5E195886 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17860_none_16df7417b15271cf\win32k.sys
[2012/11/23 05:26:31 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=523B9B64F2B6C630A2E0A87116C05F12 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18010_none_17155dbbb12a1683\win32k.sys
[2013/11/26 12:22:58 | 003,160,064 | ---- | M] (Microsoft Corporation) MD5=53DB9E8F6AD7F1237A45777BBE94CC71 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22525_none_179933a4ca4b458d\win32k.sys
[2015/04/20 04:07:33 | 003,208,704 | ---- | M] (Microsoft Corporation) MD5=54404FB40FA8B14C9B52719EFF8173AC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23038_none_17914450ca50d561\win32k.sys
[2011/11/24 07:00:47 | 003,141,632 | ---- | M] (Microsoft Corporation) MD5=55CF26CF771B086A393750BD494FD6FC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16920_none_152454dbb40b98f8\win32k.sys
[2014/09/29 02:58:48 | 003,198,976 | ---- | M] (Microsoft Corporation) MD5=5602D4C331FD7938ADE06D9242138922 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18615_none_171a6a91b1258420\win32k.sys
[2013/01/04 05:26:48 | 003,153,408 | ---- | M] (Microsoft Corporation) MD5=59E21156113E438D1D91AF4FC0C3B19F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18043_none_16f7eed5b13fb65b\win32k.sys
[2012/10/18 20:35:40 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=5C874B021D964326A38765955E108E7F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21347_none_159f2fc2cd334f95\win32k.sys
[2015/10/20 01:58:54 | 003,214,848 | ---- | M] (Microsoft Corporation) MD5=5F0DE5F1A3E12C3EBBA0A0CC82120BF0 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23250_none_1773a5f4ca683cd9\win32k.sys
[2012/07/18 19:30:08 | 003,150,848 | ---- | M] (Microsoft Corporation) MD5=63F37D88031FDDD3E83B1FA980878052 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21274_none_157bbd3acd4e5a3c\win32k.sys
[2011/09/06 05:03:17 | 003,138,048 | ---- | M] (Microsoft Corporation) MD5=671FE77C7083C752AB414EC331F24DCB -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17685_none_16ced1e5b15e2e16\win32k.sys
[2011/06/11 04:56:44 | 003,134,464 | ---- | M] (Microsoft Corporation) MD5=69762AB7ADF33748394701B8AA66CD81 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16830_none_15198309b413b7c2\win32k.sys
[2012/02/03 06:16:03 | 003,143,168 | ---- | M] (Microsoft Corporation) MD5=69E8CE6F62B82861014343CE10D2B294 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16957_none_150ae71db41d9e2c\win32k.sys
[2014/07/16 04:17:05 | 003,166,720 | ---- | M] (Microsoft Corporation) MD5=6A282A7E27E07D80A062B2C284A26F9F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22750_none_1773c63aca6814fb\win32k.sys
[2011/11/24 06:52:09 | 003,145,216 | ---- | M] (Microsoft Corporation) MD5=6E810D7C1E3881289733924CE9763B92 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17730_none_16ffe1f5b13a20d5\win32k.sys
[2015/12/08 19:52:00 | 003,214,848 | ---- | M] (Microsoft Corporation) MD5=713371BB5084042CFB6A69704594AB04 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23290_none_17486644ca88ac9d\win32k.sys
[2013/06/05 05:34:27 | 003,153,920 | ---- | M] (Microsoft Corporation) MD5=73601028E7C44154318AE91D2EB2EDB3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18176_none_16da81d5b155535a\win32k.sys
[2016/02/06 00:00:32 | 003,214,848 | ---- | M] (Microsoft Corporation) MD5=775DB70AF746C5AC2665561A452DCD35 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23346_none_17847982ca5ab619\win32k.sys
[2014/02/07 03:25:28 | 003,159,552 | ---- | M] (Microsoft Corporation) MD5=77CC37F382332D6BFBBE8C27A4D60A44 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22592_none_174a8352ca86bd1f\win32k.sys
[2011/06/11 05:07:25 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=7A1BCE8E431CE1083E6807D43C1B0661 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17630_none_16ffe00fb13a23ae\win32k.sys
[2016/04/09 07:49:33 | 003,217,408 | ---- | M] (Microsoft Corporation) MD5=7DA8DE6CCB885424ABFC7514BD153BED -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23418_none_17a6ebc0ca40921b\win32k.sys
[2017/03/10 18:00:56 | 003,219,968 | ---- | M] (Microsoft Corporation) MD5=7DCA510E8C72C2DE41B3B74A79C6F902 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23717_none_17a5f128ca417039\win32k.sys
[2012/06/12 05:02:52 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=7FF70301AB5176FC3B72BD6C9B8BF888 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17039_none_15225fabb40bcc3a\win32k.sys
[2011/07/12 23:23:49 | 003,123,712 | ---- | M] (Microsoft Corporation) MD5=8549DC7684CBC0A0AA542051B7EF5A23 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16667_none_1500117fb425c2a8\win32k.sys
[2013/03/01 05:36:04 | 003,153,408 | ---- | M] (Microsoft Corporation) MD5=86F96630D28523F1C402C783F046DEF1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18105_none_172530ffb11d766c\win32k.sys
[2012/03/31 04:56:14 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=88592AB8F8AE4F7264A936AEE682BBE5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21955_none_1778e240ca63745b\win32k.sys
[2015/09/02 03:51:28 | 003,209,216 | ---- | M] (Microsoft Corporation) MD5=891D1D6C4B8D4E929F247F97C6214C9A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18985_none_16cec0cfb15e3f2c\win32k.sys
[2012/10/18 20:18:22 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=8ABB4C73841402A9D30A4CC0B880FCE1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17147_none_15159111b415b2a4\win32k.sys
[2013/10/30 03:50:10 | 003,159,040 | ---- | M] (Microsoft Corporation) MD5=8E3FA314D78F4092648EF122E5AFE8A8 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22496_none_174e8294ca832554\win32k.sys
[2015/11/03 19:55:32 | 003,211,264 | ---- | M] (Microsoft Corporation) MD5=92C729B1A03F8B55A68597A50394FB76 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.19054_none_16ee086bb1470544\win32k.sys
[2014/10/10 02:57:42 | 003,198,976 | ---- | M] (Microsoft Corporation) MD5=93C055B6AAD76360A60CB7E59A491531 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18635_none_1704cab9b135bc02\win32k.sys
[2017/04/26 16:59:15 | 003,220,992 | ---- | M] (Microsoft Corporation) MD5=94358D73B854622FB9E7AC98C4CD3919 -- C:\Windows\SysNative\win32k.sys
[2017/04/26 16:59:15 | 003,220,992 | ---- | M] (Microsoft Corporation) MD5=94358D73B854622FB9E7AC98C4CD3919 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23794_none_174c70eaca8503bc\win32k.sys
[2013/10/30 03:24:31 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=97D50B0CABF18A6D40F8883D02DDB519 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18300_none_17203359b121f207\win32k.sys
[2011/09/29 06:47:30 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=9A490D3113AD482914F98F0AA9254DB4 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21828_none_179c50fcca486f66\win32k.sys
[2011/09/06 05:45:20 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=9C7D0FD37532F0CE69C2F01B35364355 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21811_none_17a01ee2ca46a214\win32k.sys
[2015/11/10 19:52:20 | 003,215,360 | ---- | M] (Microsoft Corporation) MD5=9C9D06EC47A0FB6C5B3B7B9DFD085571 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23265_none_176dd77aca6bd77d\win32k.sys
[2014/09/29 02:55:36 | 003,201,536 | ---- | M] (Microsoft Corporation) MD5=9F50153566DC197792E54925DB37BDAB -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22823_none_179738c2ca4d0a54\win32k.sys
[2012/10/18 20:14:46 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=9FE34DE5E7E97DA1AB228F71687BDB88 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22137_none_17905cb4ca519f90\win32k.sys
[2012/05/15 03:32:33 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=A0360F2DEFCBC40497A4F3D0599FE71A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17842_none_16f71483b1406c9b\win32k.sys
[2015/02/26 05:25:44 | 003,204,096 | ---- | M] (Microsoft Corporation) MD5=A0DEE06D68F210CA090FD4D9A33CDC12 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18773_none_16d78c5bb157f63f\win32k.sys
[2013/04/10 05:30:50 | 003,153,920 | ---- | M] (Microsoft Corporation) MD5=A11523523B31086DD760C0189C763359 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18126_none_17109171b12cc7a5\win32k.sys
[2014/08/23 02:59:01 | 003,163,648 | ---- | M] (Microsoft Corporation) MD5=A347EF56B7CD8360B3EF7772FEA597B9 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18577_none_16db89b7b154614d\win32k.sys
[2012/02/03 06:34:34 | 003,145,728 | ---- | M] (Microsoft Corporation) MD5=A3A7E9D10745A7CAC5F346370B81D08B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17772_none_16d6a2d9b158c347\win32k.sys
[2011/07/12 23:23:49 | 003,125,248 | ---- | M] (Microsoft Corporation) MD5=A671682E193BD7D39CE8DD33ABD4FC71 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20792_none_15643d14cd603792\win32k.sys
[2015/06/25 10:49:47 | 003,210,240 | ---- | M] (Microsoft Corporation) MD5=A7220D654E92319BD0ACE5E671AD9E98 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23109_none_17b2b644ca37980c\win32k.sys
[2012/06/12 05:04:59 | 003,151,360 | ---- | M] (Microsoft Corporation) MD5=A8191824CC60305DD2313D7A74F95EDD -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21231_none_15a3fc0ccd309e73\win32k.sys
[2010/11/20 11:53:33 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys
[2016/01/07 19:53:30 | 003,211,776 | ---- | M] (Microsoft Corporation) MD5=A99A8E3835606F731DB54826D7836F88 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.19113_none_171849b7b1277950\win32k.sys
[2013/08/28 03:22:49 | 003,159,040 | ---- | M] (Microsoft Corporation) MD5=AC7B743EDCDA5DA11D8FABF88A63AE3E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22435_none_178e61d2ca536457\win32k.sys
[2014/07/16 04:12:11 | 003,163,648 | ---- | M] (Microsoft Corporation) MD5=AF00649558BFB211A9091F4A6E7B4A0C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18539_none_1708c9fbb1322437\win32k.sys
[2012/03/31 05:05:06 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=B132D7E1E53C5835B13E5F23394C3202 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21179_none_1580bcc6cd49dbc8\win32k.sys
[2011/09/29 06:09:30 | 003,141,120 | ---- | M] (Microsoft Corporation) MD5=B4F75A848859C8F7D8E87186A8C097ED -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16889_none_14ec7607b4342786\win32k.sys
[2012/05/15 03:33:51 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=B6044DA39F692DDE4AE382053E22A229 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21215_none_15bd9d0ccd1ccbed\win32k.sys
[2014/07/09 03:00:27 | 003,163,648 | ---- | M] (Microsoft Corporation) MD5=B7E1AE22FD172A6E71F5D1C47FD6CC88 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18528_none_1712999db12aeeef\win32k.sys
[2016/06/14 17:03:37 | 003,217,408 | ---- | M] (Microsoft Corporation) MD5=B813B68D0681D5F74E122760E3F6DA71 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23471_none_175f0a32ca778860\win32k.sys
[2012/06/12 04:58:04 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=BC91C50C20709D85A2137E689DC3ED19 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22016_none_17a4fa5cca425130\win32k.sys
[2013/03/01 05:34:07 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=BE37B358871D1114C295E745F8557DD0 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21482_none_156ef086cd583dcd\win32k.sys
[2015/10/17 18:56:48 | 003,211,264 | ---- | M] (Microsoft Corporation) MD5=BE938DFD46631CBBABC0881FB9241682 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.19044_none_16f8d857b13ee953\win32k.sys
[2016/10/25 17:02:34 | 003,219,456 | ---- | M] (Microsoft Corporation) MD5=C3C2755B262F02FE10B3AE42D814879B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23584_none_17573d0aca7ced7d\win32k.sys
[2015/06/25 10:57:44 | 003,207,168 | ---- | M] (Microsoft Corporation) MD5=C4EA3D63E8BF077ECD1E93BF6556AE99 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18906_none_17264079b11c78fb\win32k.sys
[2012/11/22 05:26:40 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=C58923115CDE6071C3BF2FF063546E9F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18009_none_17293041b119dea1\win32k.sys
[2012/11/23 05:28:21 | 003,152,384 | ---- | M] (Microsoft Corporation) MD5=C672AE7957256A51E4F4A0B16CFB8CDC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22172_none_17601b92ca7690a1\win32k.sys
[2016/11/06 18:01:47 | 003,219,456 | ---- | M] (Microsoft Corporation) MD5=C679AAD000EC16FEDEA563DAF1830D31 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23591_none_17496c40ca87bd69\win32k.sys
[2011/09/29 05:59:10 | 003,145,216 | ---- | M] (Microsoft Corporation) MD5=CAE946DC6B153BF6236610F64FA7D5E5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21060_none_15828832cd49dea1\win32k.sys
[2013/03/01 05:20:42 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=CB22E76FA82C144F1897A5EB886A9AC8 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22271_none_175f1d2eca777471\win32k.sys
[2011/09/06 05:06:32 | 003,139,072 | ---- | M] (Microsoft Corporation) MD5=CBECF661F412259CEE15CA82F0341D5E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21046_none_159e29c6cd343ec9\win32k.sys
[2009/07/14 01:40:40 | 003,122,176 | ---- | M] (Microsoft Corporation) MD5=CBEF2EB83438ED9FC39411CC8378B0E7 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16385_none_14e86b61b437d067\win32k.sys
[2014/06/18 03:07:45 | 003,161,088 | ---- | M] (Microsoft Corporation) MD5=CD3EAE91B5D2782725B64C141BA7E4D3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22722_none_17963692ca4df3d6\win32k.sys
[2013/08/08 03:21:02 | 003,158,528 | ---- | M] (Microsoft Corporation) MD5=D3F2D075504762AE2808B7CCD7B30EDA -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22416_none_17a501f4ca4245cc\win32k.sys
[2012/02/03 06:15:32 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=D743EB3F1917EE3D2861064D8A53E07F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21914_none_17a321a6ca43eb40\win32k.sys
[2015/04/20 04:11:23 | 003,204,608 | ---- | M] (Microsoft Corporation) MD5=D858C33B133740D5F1F1CF71C33F6355 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18834_none_1703ce3bb1369cf9\win32k.sys
[2011/06/11 04:54:15 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=D9DC465D72719EB413FDD056B0F25EED -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21744_none_1782ae16ca5c44c5\win32k.sys
[2015/05/25 19:09:41 | 003,209,728 | ---- | M] (Microsoft Corporation) MD5=DDD6B4213BC436E06338EA77531A674A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23072_none_176002e4ca76ad1b\win32k.sys
[2015/01/09 04:03:01 | 003,201,536 | ---- | M] (Microsoft Corporation) MD5=DF07110F77639E73D0537188703F44F6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18713_none_17186be3b1274e99\win32k.sys
[2013/01/04 14:06:34 | 003,155,456 | ---- | M] (Microsoft Corporation) MD5=DF25AEB9402801684DBFA8ACA328B8BB -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21416_none_15bea122cd1bdf92\win32k.sys
[2013/06/04 05:18:01 | 003,156,992 | ---- | M] (Microsoft Corporation) MD5=DFCA7B158161CB2A7DDCDDB51FE7940E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22348_none_178690deca58cf26\win32k.sys
[2015/07/30 19:03:42 | 003,210,752 | ---- | M] (Microsoft Corporation) MD5=E2A3C165679A3DCB69643BB2178B690D -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23149_none_17877694ca5807d0\win32k.sys
[2012/07/18 19:31:12 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=E37C71EA972AD883E7841D07BC6D5F1C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17073_none_14f11e3fb431a3f4\win32k.sys
[2012/05/15 03:32:20 | 003,144,192 | ---- | M] (Microsoft Corporation) MD5=E794341563033721CE10B4F43FC07F4C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17024_none_15282e25b4083196\win32k.sys
[2014/02/07 03:23:30 | 003,156,480 | ---- | M] (Microsoft Corporation) MD5=E918C0DE5CF2AE6BEDBF387C09627D93 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18388_none_16d1b649b15b9c47\win32k.sys
[2012/02/03 06:16:04 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=EFD614BE4E92D24E63F22AB1ED545A58 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21143_none_159b2acecd36efeb\win32k.sys
[2015/12/08 19:58:03 | 003,211,264 | ---- | M] (Microsoft Corporation) MD5=F094FCE25E33140B5F7AEE2E5BDF6931 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.19091_none_16bfc7ddb16a2903\win32k.sys
[2012/07/18 20:15:06 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=F0D6864A7D52CE137E0A9D24795C3F0E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17904_none_172456adb11e2cac\win32k.sys
[2014/06/18 03:10:36 | 003,157,504 | ---- | M] (Microsoft Corporation) MD5=F1726E14C8F7B40CD828345890AAF764 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18512_none_171767cdb1283af4\win32k.sys
[2015/11/03 20:01:41 | 003,214,848 | ---- | M] (Microsoft Corporation) MD5=F27F5C410A28F2BFCF8DEC2A2899EF36 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23259_none_177ca88eca6020e8\win32k.sys
[2013/11/26 12:32:56 | 003,156,480 | ---- | M] (Microsoft Corporation) MD5=F2BF71FCEAB8FB8A691408C478E2FF4C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18327_none_17119587b12bdb4a\win32k.sys
[2012/03/31 05:10:03 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=F4C456F9235ED440B81107E951555411 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17803_none_1723547db11f162e\win32k.sys
[2014/08/23 02:59:33 | 003,166,720 | ---- | M] (Microsoft Corporation) MD5=F4EF671DED5F7AA1746F31240799D13A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22783_none_17565754ca7db4d3\win32k.sys
[2016/07/08 17:01:47 | 003,218,944 | ---- | M] (Microsoft Corporation) MD5=F599F9438186D88E6A9D0F38806C1217 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23497_none_174f6c16ca82584c\win32k.sys
[2012/11/22 10:20:36 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=F8410E860A7250CC7E645C6CA4A4D9E6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17174_none_14f2206fb430ba72\win32k.sys
[2012/11/22 05:41:57 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=F9744B7394857A472AB94052FB12EEDC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21379_none_1580c092cd49d616\win32k.sys
[2015/07/30 18:56:07 | 003,208,192 | ---- | M] (Microsoft Corporation) MD5=F97A0CFC495C92FF2F6A03933157D115 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18946_none_16fb00c9b13ce8bf\win32k.sys
[2016/05/12 17:03:30 | 003,217,408 | ---- | M] (Microsoft Corporation) MD5=FEF363423D73B3C7A895A5BC04F53A8E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23452_none_1775aa54ca6669d5\win32k.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2011/07/12 23:20:14 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011/07/12 23:20:14 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2017/04/16 08:53:18 | 013,661,184 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ieframe.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:6F55EB66
@Alternate Data Stream - 1 bytes -> C:\ProgramData:482EE99B1E21CE8C

< End of report >

Signaler le contenu de ce document