OTL logfile created on: 27/04/2013 16:35:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\meatloaf\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,11% Memory free 4,24 Gb Paging File | 2,79 Gb Available in Paging File | 65,78% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,76 Gb Total Space | 88,29 Gb Free Space | 18,96% Space Free | Partition Type: NTFS Computer Name: PC-DE-MEATLOAF | User Name: meatloaf | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/04/27 16:30:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\meatloaf\Desktop\OTL.exe PRC - [2013/03/28 19:07:57 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013/03/28 19:07:44 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013/03/28 19:07:41 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013/03/28 19:07:41 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013/02/28 04:59:26 | 005,529,328 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\LCore.exe PRC - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/11/16 22:45:20 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2012/11/16 22:44:46 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2012/04/11 11:54:22 | 003,672,384 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/05/29 21:23:30 | 001,241,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Sun\StarOffice 8\program\soffice.BIN PRC - [2008/05/29 21:23:30 | 001,019,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Sun\StarOffice 8\program\soffice.exe PRC - [2008/05/13 19:07:24 | 000,080,392 | ---- | M] () -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe PRC - [2008/05/07 10:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/02/28 17:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2007/06/26 13:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe PRC - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/11/16 21:37:32 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll MOD - [2012/11/16 16:09:18 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011/09/16 12:16:53 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a7053f38509cd157016b3bfccceb8f37\WindowsFormsIntegration.ni.dll MOD - [2011/09/15 15:43:27 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\075f1bb73b4bf872524a17609c081c5d\PresentationFramework.Aero.ni.dll MOD - [2011/09/15 13:45:32 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6508f77b1fb9d5161f11a14d46a7957b\PresentationFramework.ni.dll MOD - [2011/09/15 13:45:32 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\19e65cc6f0b9e1351800b927c5fc84a1\UIAutomationProvider.ni.dll MOD - [2011/09/15 13:45:22 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\267585069dce3fd61bd67943953a6d04\PresentationCore.ni.dll MOD - [2011/09/15 13:45:13 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b713b41679bdcb5a6cc0487bb4ceb9f0\WindowsBase.ni.dll MOD - [2011/09/15 09:32:58 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2bc8bc432d91919ea0bbb2b803a4b6af\System.Windows.Forms.ni.dll MOD - [2011/09/15 09:32:44 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\45aadcfa5a64d65be508b335cd7a729e\System.Runtime.Remoting.ni.dll MOD - [2011/09/15 09:32:37 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d5100c24f083084e1d2556839904e987\System.Drawing.ni.dll MOD - [2011/09/15 09:32:35 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b49ce1a910673d3e96965817e5c0535c\System.Web.ni.dll MOD - [2011/09/15 09:32:11 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\653b1be0c33cfade02fb0a61f135e488\System.Xml.ni.dll MOD - [2011/09/15 09:32:07 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\886c8bd1f835e78b659b71aeed3ed15a\System.Configuration.ni.dll MOD - [2011/09/15 09:30:27 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3d898b1a36aa22551eb0fd3ebe9bfc11\System.Core.ni.dll MOD - [2011/09/15 09:30:25 | 007,949,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\45f10e36f25d92dd808caab75e45b8ae\System.ni.dll MOD - [2011/09/15 09:30:21 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b2a5854682691830b9f62ec351c8b54e\mscorlib.ni.dll MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll MOD - [2009/03/30 06:42:27 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009/03/30 06:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2009/03/30 06:42:26 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll MOD - [2009/02/25 03:16:59 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2009/02/25 03:16:59 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll MOD - [2007/12/19 15:04:24 | 000,828,416 | ---- | M] () -- C:\Program Files\Sun\StarOffice 8\program\libxml2.dll MOD - [2007/06/26 13:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (MpsSvc) SRV - File not found [On_Demand | Stopped] -- -- (BFE) SRV - [2013/04/25 20:51:26 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/04/14 16:08:26 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/03/28 19:07:57 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013/03/28 19:07:41 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/11/16 22:44:46 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010/02/06 18:54:15 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service) SRV - [2010/02/06 18:54:14 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/10/15 07:51:14 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost) SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2008/10/30 20:34:45 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2008/05/13 19:07:24 | 000,080,392 | ---- | M] () [Auto | Running] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2005/09/23 08:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80) SRV - [2005/02/09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302V32.SYS -- (PID_PEPI) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C976.tmp -- (MEMSWEEP2) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ManyCam.sys -- (ManyCam) DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\Lxarscan.sys -- (LXARScan) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvrs.sys -- (LVRS) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [File_System | System | Stopped] -- System32\Drivers\dfsc.sys -- (DfsC) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aq8o9unf) DRV - [2013/04/27 16:28:20 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2013/03/28 19:07:58 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013/03/28 19:07:58 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013/03/28 19:07:58 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013/03/22 23:36:01 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2013/01/17 22:15:18 | 000,032,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGSUsbFilt.sys -- (LGSUsbFilt) DRV - [2013/01/17 22:15:06 | 000,042,480 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGSHidFilt.Sys -- (LGSHidFilt) DRV - [2012/11/16 23:07:06 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2012/11/16 23:07:06 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012/11/16 21:38:48 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012/11/09 22:25:58 | 000,454,288 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2012/10/26 17:22:38 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012/06/26 10:04:40 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2012/02/23 14:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService) DRV - [2010/06/27 14:47:05 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010/06/27 14:47:04 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010/03/09 12:20:14 | 000,104,464 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009/11/24 03:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid) DRV - [2009/11/24 03:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum) DRV - [2009/06/17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2009/06/17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009/06/17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009/06/17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2009/02/03 17:36:58 | 000,059,000 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2009/02/01 01:26:30 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2007/09/21 03:10:54 | 000,078,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2007/09/21 03:10:26 | 000,063,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2007/01/04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2006/07/10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) DRV - [2006/06/14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2003/12/05 15:39:38 | 000,031,232 | ---- | M] (Pixela) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pixmc10c.sys -- (PIXMC10) DRV - [2003/12/05 15:39:38 | 000,027,932 | ---- | M] (Pixela) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pixmc10a.sys -- (PIXMC10A) DRV - [2003/12/05 15:39:38 | 000,022,492 | ---- | M] (Pixela) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pixmc10v.sys -- (PIXMC10V) DRV - [2003/01/20 11:50:36 | 000,020,648 | ---- | M] (Thomson Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netrcacm.sys -- (netrcacm) DRV - [2000/03/29 17:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MASPINT.SYS -- (MASPINT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F6 93 F4 8A 8B 16 CA 01 [binary data] IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: illimitux%40illimitux.net:4.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll File not found FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\meatloaf\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/14 16:08:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/14 16:08:14 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/14 16:08:28 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/14 16:08:14 | 000,000,000 | ---D | M] [2008/11/24 19:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\meatloaf\AppData\Roaming\mozilla\Extensions [2013/04/26 22:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\meatloaf\AppData\Roaming\mozilla\Firefox\Profiles\jt739kdk.default\extensions [2010/06/29 09:36:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\meatloaf\AppData\Roaming\mozilla\Firefox\Profiles\jt739kdk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/03/26 18:35:09 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\meatloaf\AppData\Roaming\mozilla\Firefox\Profiles\jt739kdk.default\extensions\illimitux@illimitux.net [2013/04/14 16:08:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2013/04/14 16:08:12 | 000,000,000 | ---D | M] (Google Settings) -- C:\Program Files\mozilla firefox\extensions\google-cjk@partners.mozilla.com [2013/04/14 16:08:27 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2009/10/14 18:21:24 | 000,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2013/01/11 11:48:33 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2012/09/05 23:26:45 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/12/11 23:37:58 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2013/02/21 23:39:21 | 000,001,472 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2009/12/09 11:46:54 | 000,000,832 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearch.xml [2013/01/11 11:48:33 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2012/12/11 23:37:58 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: EModel scriptable Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll CHR - plugin: Facebook Plugin (Enabled) = C:\Users\meatloaf\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll O1 HOSTS File: ([2012/07/05 14:29:15 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe (Dassault Systemes) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - Startup: C:\Users\meatloaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1903238310-3106780671-3224412211-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.mypix.com/fr/fr/fw_model/domain/library/aurigma/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33105035-F39A-4F0A-A143-D8DB794F79AE}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E95D685A-8822-462C-B623-E5E9147FB6B4}: DhcpNameServer = 89.2.0.1 89.2.0.2 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\meatloaf\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\meatloaf\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "bootini" - 2 SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: BFE - File not found SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: dfsc - System32\Drivers\dfsc.sys File not found SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MPSSvc - File not found SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A6FA8A3A-F02B-6EF9-B7A1-9B416159EF29} - Microsoft Windows Media Player 11.0 ActiveX: {A70E8B3E-F112-888D-212A-ADFB6024369A} - Microsoft Windows Media Player ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {FD77A035-C891-2E7F-1F05-20FF9E878EEF} - Java (Sun) ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.I420 - lvcodec2.dll File not found Drivers32: VIDC.MJPG - C:\Windows\System32\pvmjpg30.dll (Pegasus Imaging Corporation) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2100/02/08 16:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe [2013/04/27 16:30:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\meatloaf\Desktop\OTL.exe [2013/04/27 16:00:36 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013/04/27 16:00:36 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\temp [2013/04/27 15:51:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/04/27 15:33:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/04/27 13:33:14 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{7F137FCE-B4A8-451B-8ACD-9DD9C63DB725} [2013/04/26 22:40:34 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Roaming\Malwarebytes [2013/04/26 22:40:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/04/26 22:40:26 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013/04/26 22:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/04/26 22:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/04/25 22:24:24 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{95594499-27FB-47E5-B082-B97F56858372} [2013/04/25 20:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013/04/25 20:50:08 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013/04/25 20:49:43 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013/04/25 20:49:43 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013/04/25 20:49:43 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013/04/25 20:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013/04/25 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{38145B53-77D9-4D56-9EDD-4537077BAE3A} [2013/04/25 18:08:06 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{98478DE3-DEEA-4B87-9A5E-C194624714BD} [2013/04/24 22:51:18 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{EF1F99BC-9F49-4B4B-9D36-33822F9DE671} [2013/04/24 22:30:23 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\Documents\yann [2013/04/23 23:14:46 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{303CEBAE-EAF1-489B-A279-402C70BB68C8} [2013/04/23 17:35:27 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Roaming\TERA [2013/04/22 18:23:04 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Roaming\Cursed House 2 [2013/04/22 18:15:02 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{13488732-F808-43F7-BBC9-D64A3FA8FB87} [2013/04/21 11:06:09 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{B247BF85-19D2-47FA-A01E-92F63F316AA4} [2013/04/20 11:20:30 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{A75AB38D-AE38-43C8-B997-6489A427544E} [2013/04/19 18:59:58 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{AF49B092-1462-45DE-BA16-F8C831426E7C} [2013/04/18 18:35:59 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{41CEBAD5-BC6A-41F4-9E49-03E6436F91C1} [2013/04/17 22:38:55 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{444FDA7C-2F89-4CF1-A283-7DD8CA7791CF} [2013/04/17 15:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA [2013/04/17 15:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\TERA [2013/04/16 18:16:23 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{972DE887-6648-492A-B189-4B5D04D5D174} [2013/04/15 19:32:18 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{3B8404AD-68C4-4512-8BF4-02A3A50A6189} [2013/04/14 16:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/04/14 16:06:42 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{7FFF9FA0-71A5-4FE6-A2CE-152E94C30A59} [2013/04/12 22:57:27 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{32D850B0-73E1-4653-9AC6-DCD8221CA879} [2013/04/11 22:31:05 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Roaming\Eipix [2013/04/11 18:28:04 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{EE309D5C-6E37-4A9D-8A20-CD05A9F66334} [2013/04/10 18:01:08 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{14164F38-97FB-4AC3-B034-775E3A9EED1E} [2013/04/09 22:40:35 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{700BE72D-056B-4BE6-A969-8B536021EEBB} [2013/04/09 18:17:53 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{8C479C54-F2F2-445E-9ADB-5C3D454A4C05} [2013/04/08 17:58:52 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{8B24BBB7-5A27-4C37-A1DD-173D6AEFE92F} [2013/04/07 16:54:29 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{8AB8D30E-AECB-4C5B-A37F-59DA5660CEB7} [2013/04/06 14:14:09 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{7355510C-039B-4208-AFF1-2AEE7CE79BA9} [2013/04/05 20:20:52 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{6AC10BE1-CB52-4CE2-A2D3-352024490575} [2013/04/05 18:37:42 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{77720C94-F041-4A04-A203-5AAE50390008} [2013/04/04 22:24:38 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{4190EFB2-0E34-4431-B837-3B72F52C788C} [2013/04/03 22:42:40 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{E47857E2-1C85-4069-8B6D-003B43BB834F} [2013/04/02 19:23:04 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{ED9F5F63-2963-48FF-9427-8B8404B1367A} [2013/04/01 12:20:36 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{982F00A6-6F3A-4D67-8262-46CCAA498B0D} [2013/03/31 12:30:25 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{451E7029-7884-45F6-B481-8758E7EEC21B} [2013/03/29 18:17:56 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{51BCFD1A-7A41-4789-A6EC-D701087FC4E5} [2013/03/28 18:38:13 | 000,000,000 | ---D | C] -- C:\Users\meatloaf\AppData\Local\{33140641-EE12-4A80-84B0-783F11F7CEA4} [2012/09/10 23:04:36 | 001,165,755 | ---- | C] (Mobatek ) -- C:\Users\meatloaf\MobaMotivSetup_v1.2.exe [1 C:\Users\meatloaf\AppData\Local\*.tmp files -> C:\Users\meatloaf\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/27 16:38:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013/04/27 16:32:02 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2013/04/27 16:30:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\meatloaf\Desktop\OTL.exe [2013/04/27 16:28:20 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys [2013/04/27 16:26:04 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/04/27 16:26:04 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/04/27 16:25:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/04/27 16:25:55 | 000,605,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/04/27 16:06:15 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/04/27 15:26:43 | 000,208,896 | ---- | M] () -- C:\Users\meatloaf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/04/26 22:40:27 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/04/26 22:14:23 | 000,000,298 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat [2013/04/25 20:51:26 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/04/25 20:51:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/04/25 20:49:31 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013/04/25 20:49:30 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2013/04/25 20:49:30 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013/04/25 20:49:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013/04/25 20:49:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013/04/25 20:49:29 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2013/04/25 17:25:27 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2013/04/17 15:26:22 | 000,001,635 | ---- | M] () -- C:\Users\meatloaf\Desktop\TERA.lnk [2013/04/12 18:00:25 | 000,002,541 | ---- | M] () -- C:\Users\meatloaf\Desktop\SolidWorks 2010.lnk [2013/04/12 17:57:00 | 000,001,356 | ---- | M] () -- C:\Users\meatloaf\AppData\Local\d3d9caps.dat [2013/04/12 15:54:00 | 000,000,050 | ---- | M] () -- C:\Windows\MegaManager.INI [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013/03/28 19:07:58 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2013/03/28 19:07:58 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2013/03/28 19:07:58 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [1 C:\Users\meatloaf\AppData\Local\*.tmp files -> C:\Users\meatloaf\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2100/02/23 14:35:34 | 000,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat [2100/02/08 15:53:34 | 000,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini [2013/04/26 22:40:27 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/04/26 22:14:07 | 000,000,298 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat [2013/04/25 19:56:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2013/04/17 15:26:22 | 000,001,635 | ---- | C] () -- C:\Users\meatloaf\Desktop\TERA.lnk [2013/04/12 15:54:00 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI [2012/11/16 17:01:04 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012/03/06 19:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011/12/07 19:34:05 | 000,001,309 | ---- | C] () -- C:\Windows\RRK.INI [2011/12/07 19:34:05 | 000,000,032 | ---- | C] () -- C:\Windows\TLCAPPS.INI [2011/12/07 19:33:47 | 000,000,000 | ---- | C] () -- C:\Windows\SETUP32.INI [2011/11/21 12:53:47 | 000,000,230 | ---- | C] () -- C:\ProgramData\settings.xml [2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2010/07/12 13:37:32 | 000,013,410 | ---- | C] () -- C:\Users\meatloaf\AppData\Local\slot1.mm1 [2010/05/15 17:16:31 | 000,027,973 | ---- | C] () -- C:\Users\meatloaf\AppData\Roaming\OFMissionEditorConfig.xml [2009/05/20 19:08:28 | 000,000,760 | ---- | C] () -- C:\Users\meatloaf\AppData\Roaming\setup_ldm.iss [2009/02/01 01:33:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2008/10/29 17:58:35 | 000,138,904 | ---- | C] () -- C:\Users\meatloaf\AppData\Roaming\PnkBstrK.sys [2008/10/17 01:04:35 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2008/10/10 23:39:31 | 000,208,896 | ---- | C] () -- C:\Users\meatloaf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/10/10 22:14:37 | 000,001,356 | ---- | C] () -- C:\Users\meatloaf\AppData\Local\d3d9caps.dat [2001/07/20 10:48:06 | 000,008,116 | ---- | C] () -- C:\Program Files\OSLO3071b2.USB [2000/12/05 15:56:34 | 000,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll [2000/01/11 12:50:48 | 000,000,047 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/11/02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013/01/19 16:44:28 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\2monkeys [2010/12/29 00:10:54 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\A Gypsy's Tale - La Tour des Secrets [2011/09/26 18:31:25 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Absolutist [2011/05/23 18:07:01 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Academ Media [2010/08/09 22:40:54 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Age of Japan II [2010/05/27 23:15:50 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Aisle 5 Games, Inc [2011/08/02 21:35:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Akhra [2012/01/09 19:59:29 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Alawar [2012/03/25 16:57:51 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Alawar Entertainment [2012/12/02 00:43:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Alawar Stargaze [2013/01/13 23:46:35 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\AlawarEntertainment [2011/06/23 11:37:25 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\AlderGames [2012/07/01 14:46:32 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Amaranth Games [2009/07/10 17:52:53 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Anabel [2012/10/05 12:26:58 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Anarchy [2009/11/05 19:29:57 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Argonyt [2010/04/12 23:11:52 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Arkadium [2013/03/24 16:31:31 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Artifex Mundi [2013/03/08 18:52:30 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ArtifexMundi [2011/12/06 13:00:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Artogon [2011/03/14 15:14:46 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Autodesk [2012/01/12 00:18:57 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Awem [2009/08/11 00:12:03 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Babylonia [2010/03/30 14:38:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\BanzaiInteractive [2011/07/01 18:17:59 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Batovi [2009/09/17 15:08:18 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Be a King [2012/07/25 11:10:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Big Finish [2011/05/16 15:55:54 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Big Fish Games [2013/01/07 14:16:25 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\BlamGames [2011/08/04 17:53:05 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\blg [2009/07/08 13:01:30 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\BloodTies [2012/10/11 13:01:57 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Blue Tea Games [2011/11/11 19:22:21 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Boolat Games [2013/01/29 12:43:32 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Boomzap [2009/09/10 15:37:22 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\BrandX Games [2010/08/19 11:15:50 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Brunhilda_oberon [2010/01/14 23:48:51 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\casanova [2012/03/23 18:11:59 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Casual Box [2012/02/28 14:56:57 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\casualArts [2013/03/03 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\cerasus.media [2012/03/02 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Chayowo Games [2011/04/20 21:41:53 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Column of the Maya [2009/01/23 20:24:51 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Crayon Physics Deluxe [2013/04/22 18:23:36 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Cursed House 2 [2012/09/10 13:50:18 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\CVitae [2009/05/03 14:01:21 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DAEMON Tools [2013/04/25 21:12:07 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DAEMON Tools Lite [2009/04/09 14:35:29 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DAEMON Tools Pro [2012/08/30 19:01:39 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DailyMagic [2010/02/07 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DassaultSystemes [2013/01/05 13:11:01 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Deep Shadows [2012/05/30 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Dekovir [2011/12/07 14:36:59 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DieselPuppet [2012/05/20 13:57:17 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Digital Quarter [2010/11/09 23:43:53 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Dragon Altar Games [2009/09/14 22:49:20 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DreamDale [2010/02/07 21:06:50 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\DWGeditor [2011/08/16 13:36:14 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\EfrenStudios [2013/04/11 22:31:05 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Eipix [2013/01/02 23:30:39 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\EleFun Games [2011/07/13 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ElementalsTheMagicKey [2012/12/21 13:20:44 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Elephant Games [2011/12/02 13:16:48 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\EnchantedCavern2 [2013/03/02 12:34:07 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Enki Games [2011/07/09 18:15:13 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Enlightenus [2010/11/24 20:41:55 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\EPSON [2011/07/05 17:19:20 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ERS G-Studio [2013/02/22 19:26:06 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ERS Game Studios [2012/09/17 11:53:19 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\flashInstallFR [2011/09/20 17:46:29 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Flood Light Games [2012/03/12 18:08:58 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Floodlight Games [2009/08/08 17:12:24 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\FloodLightGames [2012/09/01 17:46:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\FlowerOfImmortality [2010/03/04 19:13:03 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\FlyWheelGames [2010/06/04 13:55:33 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\FOG Downloader [2012/12/30 13:02:09 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\FOP [2012/01/23 13:54:40 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Freeze Tag [2012/05/03 18:41:05 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Friday's games [2011/03/24 22:55:29 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Frogwares [2010/08/16 12:19:43 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Fugazo [2012/11/08 19:25:43 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Funlinker [2011/09/07 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Funswitch [2012/08/12 22:55:54 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Fuzzy Bug Interactive [2009/11/25 20:37:31 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Gaijin Ent [2012/08/20 10:02:33 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GameDevo [2012/01/06 12:48:23 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GameHouse [2012/07/17 23:34:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GameInvest [2012/08/26 13:05:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GameMill Entertainment [2011/07/13 22:28:59 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Gamenauts [2010/06/29 16:59:30 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GamersDigital [2011/07/31 15:15:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Games [2011/10/07 15:02:06 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GAMESHASTRA [2010/07/03 12:40:56 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Gestalt Games [2011/11/28 16:47:35 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GO Games [2009/11/14 23:24:45 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GOA [2012/05/06 16:49:22 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Gogii [2009/07/17 15:23:39 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Gogii Games [2011/10/06 11:58:34 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Gold Casual Games [2012/12/23 00:20:46 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GrandMA Studios [2010/09/13 23:34:29 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Green Clover Games [2011/11/03 15:19:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GreenSauceGames [2010/06/25 14:07:36 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\GTM_Bodie [2012/07/24 23:15:50 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\HdO Adventure [2013/03/23 19:21:45 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Hidden Objects LesMiserables [2010/02/19 13:29:11 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\HiT-MM [2012/03/04 23:59:42 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\HitPoint Studios [2013/04/22 11:43:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\IM [2012/12/29 13:13:13 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\iMaxGen [2011/04/25 13:29:32 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Immortal Lovers [2009/11/09 14:33:52 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ImperialCity [2010/02/15 11:25:01 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\IronCode [2011/11/01 23:44:21 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\JaiboGames [2013/04/25 20:05:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Java [2011/06/02 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Jetdogs Studios [2013/02/26 23:02:51 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\JoyBits [2010/03/03 20:13:23 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\KlickTock [2012/01/19 12:53:33 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Kutawaves Games [2012/08/18 15:08:49 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Lazy Turtle Games [2008/11/22 14:42:50 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Leadertech [2012/04/01 15:31:08 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\LegacyInteractive [2011/11/26 16:08:19 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\LestaStudio [2011/07/22 14:30:09 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\LittleGamesCompany [2010/10/06 19:09:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Lost in the City [2009/09/01 10:28:55 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\LTOA [2012/02/08 11:04:50 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Luxology [2011/06/09 18:55:27 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\MA [2012/09/23 13:10:03 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Mad Head Games [2011/08/07 17:05:45 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Magic Academy [2010/12/03 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Magic Academy 2 [2010/06/25 15:00:13 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Magic3 [2009/09/14 23:28:17 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\MagicBall4 [2013/02/01 13:29:42 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\MagicIndie [2010/05/06 16:23:37 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ManyCam [2013/01/20 14:15:21 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Mariaglorum [2011/04/22 23:12:56 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\md studio [2012/04/28 14:06:46 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Meridian93 [2010/07/03 12:10:08 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Merscom [2009/11/24 13:36:46 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\MissTeriTale3 [2012/02/07 17:28:34 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\MoMB_Full_Eng [2012/05/18 11:35:33 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Monkey Barrel Games [2012/10/16 11:01:15 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\MumboJumbo [2012/12/04 19:36:44 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\My Games [2011/03/29 19:22:43 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Mystery of Mortlake Mansion [2009/10/28 19:45:55 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\MysteryStudio [2009/12/15 13:51:15 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Mysteryville2 [2012/07/15 13:34:02 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Natural Threat.Ominous Shores [2010/12/15 20:18:34 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Nevosoft Games [2009/09/15 10:02:30 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Oberon [2010/12/03 00:37:58 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Oberonv1000 [2010/07/27 18:21:23 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Oberonv1001 [2010/06/02 11:21:16 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Oberonv1002 [2009/07/15 12:43:37 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Oberonv1002fr [2010/04/07 15:10:49 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Oberonv1006 [2009/08/07 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\OpenOffice.org [2012/04/22 16:20:53 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Orneon [2009/08/02 20:03:07 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Peace Craft [2011/03/07 12:56:18 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Phantasmat_oberon_se [2009/07/21 12:02:40 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Pirateville [2013/01/29 15:06:22 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\PlataGames [2012/04/14 15:24:22 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\PlayFavoriteGames [2011/10/08 23:06:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\PlayFirst [2012/02/02 23:33:17 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\PlayPond [2011/07/15 18:53:06 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Playrix Entertainment [2010/03/26 00:47:37 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\PoBros [2009/11/03 18:28:07 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Princess Isabella [2012/09/22 11:13:12 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\QB9 [2010/03/09 13:21:41 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Quirky Games [2011/11/14 16:37:12 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Rainbow [2011/11/21 12:44:14 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Red Dot [2011/05/03 18:45:00 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Robin Hood [2009/07/15 00:09:20 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\RobinsonCrusoe [2010/04/29 14:10:09 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Samsung [2009/09/01 10:42:53 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\SecretIslandFraBF [2010/02/05 13:31:14 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\SerpentOfIsis [2010/06/08 23:37:56 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Settlement. Colossus [2012/10/06 12:00:12 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Seven Sails [2012/06/28 18:20:31 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ShamanGS [2009/11/10 00:23:47 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\she_is_a_shadow [2012/11/19 00:26:22 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Silverback Productions [2012/11/18 14:20:25 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Skunk Studios [2012/09/08 22:27:05 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\SMIGames [2011/12/12 14:08:30 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Specialbit [2012/10/27 12:57:40 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\SpinTop Games [2013/04/27 16:28:42 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\StarOffice8 [2012/02/07 17:25:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\SulusGames [2012/06/25 11:24:57 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\SystemRequirementsLab [2012/09/27 22:20:55 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\tabagames [2009/09/15 17:53:48 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Tandem Games [2013/04/23 17:35:27 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TERA [2012/11/23 14:39:12 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\The Curse of the Werewolves [2011/05/09 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\The Inquisitor [2011/09/07 18:01:25 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TheFlyingDutchman [2010/11/03 17:06:07 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TheGreatPharaoh [2011/07/31 08:00:17 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ThreeDays2 [2012/11/17 19:36:23 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TikisLab [2009/09/01 11:43:58 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TimeMachine [2009/08/14 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TimeQuest [2010/03/25 19:26:51 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TitanicMystery [2010/12/23 13:51:54 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TOMI2.THE GATES OF FATE [2012/12/01 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Top Evidence [2013/03/10 18:23:34 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TOSST [2011/07/15 13:21:18 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Total Eclipse [2008/10/23 15:32:53 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Touchstone [2011/09/03 18:16:27 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\TrickySoftware [2010/09/29 18:25:59 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Try2 [2012/03/06 12:20:53 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Twilight Games [2012/06/24 19:39:13 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Ubisoft [2013/01/27 14:59:00 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\unikgame [2012/11/04 17:34:07 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\URSE Games [2013/04/27 14:40:54 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\uTorrent [2009/11/23 20:11:13 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\V-Games [2011/10/14 11:20:54 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Val'Gor 2 [2011/10/14 11:20:09 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ValGor_2 [2010/05/14 15:24:36 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\VampireSaga [2012/11/03 14:23:26 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Vast Studios [2012/02/15 18:10:10 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\VendelGAMES [2009/08/11 19:31:11 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\VisualShape [2012/05/08 16:01:22 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Vogat Interactive [2011/12/22 01:02:47 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\WhiteBirdsProductions [2010/12/10 18:39:18 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\Windows Live Writer [2012/08/23 11:16:43 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\World-LooM [2010/10/27 11:18:04 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\YoudaGames [2009/03/10 15:09:21 | 000,000,000 | ---D | M] -- C:\Users\meatloaf\AppData\Roaming\ZOO Digital Publishing [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2013/04/26 22:14:23 | 000,027,606 | ---- | M] () -- C:\AdwCleaner[S1].txt [2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/10/10 23:06:12 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2008/10/11 18:03:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2008/10/11 18:03:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2013/04/27 16:25:35 | 2459,713,536 | -HS- | M] () -- C:\pagefile.sys [2013/04/27 16:38:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013/04/27 16:28:19 | 000,000,125 | ---- | M] () -- C:\service.log [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2001/05/11 11:39:16 | 000,053,248 | ---- | M] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe [2001/07/26 16:58:46 | 000,000,047 | ---- | M] () -- C:\Program Files\ACMonitor_X73.ini [2008/01/21 04:57:01 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini [2001/04/23 14:22:14 | 000,001,437 | ---- | M] () -- C:\Program Files\gtx73.ini [2001/05/08 16:36:42 | 000,114,688 | ---- | M] () -- C:\Program Files\lxarscan.dll [2001/07/05 12:46:44 | 000,008,116 | ---- | M] () -- C:\Program Files\OSLO3071b2.USB [2001/02/22 09:54:36 | 000,000,768 | ---- | M] () -- C:\Program Files\x73_lut.dat [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2008/11/12 19:07:13 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 6.0 Sprint [2012/12/07 21:26:25 | 000,000,000 | ---D | M] -- C:\Program Files\Activision [2013/03/02 18:21:03 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2013/04/12 17:51:07 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies [2009/03/29 16:14:17 | 000,000,000 | ---D | M] -- C:\Program Files\Alcohol Soft [2010/12/25 13:01:59 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software [2013/03/22 23:28:07 | 000,000,000 | ---D | M] -- C:\Program Files\AMD APP [2013/04/12 15:47:26 | 000,000,000 | ---D | M] -- C:\Program Files\Ask & Record Toolbar [2012/07/08 11:17:18 | 000,000,000 | ---D | M] -- C:\Program Files\Atari [2012/06/25 11:31:50 | 000,000,000 | ---D | M] -- C:\Program Files\ATI [2013/03/22 23:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies [2008/10/30 20:34:42 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD 2008 [2008/10/30 20:19:47 | 000,000,000 | ---D | M] -- C:\Program Files\Autodesk [2013/03/22 23:42:44 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2009/07/06 23:34:35 | 000,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5 [2012/01/22 14:24:49 | 000,000,000 | ---D | M] -- C:\Program Files\Block Breaker Deluxe - Midnight Challenge [2011/10/15 18:35:46 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2013/04/27 15:44:48 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2012/07/16 23:30:43 | 000,000,000 | ---D | M] -- C:\Program Files\CVitaeV4 [2012/10/26 17:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite [2009/04/09 14:37:50 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Pro [2011/11/01 17:59:30 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX [2009/06/30 12:52:49 | 000,000,000 | ---D | M] -- C:\Program Files\directx [2010/05/24 14:24:48 | 000,000,000 | ---D | M] -- C:\Program Files\Disney Interactive Studios [2010/04/29 14:01:13 | 000,000,000 | ---D | M] -- C:\Program Files\DivX [2008/12/29 19:27:46 | 000,000,000 | ---D | M] -- C:\Program Files\Dolby [2009/11/14 16:06:13 | 000,000,000 | ---D | M] -- C:\Program Files\epson [2008/10/10 22:13:13 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs [2010/04/14 17:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Futuremark [2011/12/18 19:09:44 | 000,000,000 | ---D | M] -- C:\Program Files\GameSpy Arcade [2010/06/07 09:58:39 | 000,000,000 | ---D | M] -- C:\Program Files\gBurner [2008/12/29 19:31:25 | 000,000,000 | ---D | M] -- C:\Program Files\GIGABYTE [2013/04/12 15:52:11 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2009/01/06 16:53:16 | 000,000,000 | ---D | M] -- C:\Program Files\gPotato.eu [2011/09/11 12:09:38 | 000,000,000 | ---D | M] -- C:\Program Files\Hidden in Time Mirror Mirror [2010/06/07 10:28:32 | 000,000,000 | ---D | M] -- C:\Program Files\id Software [2013/03/22 23:18:05 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2008/12/29 19:31:49 | 000,000,000 | ---D | M] -- C:\Program Files\Intel [2011/06/17 10:52:14 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2013/04/25 20:49:26 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2012/11/17 19:30:39 | 000,000,000 | ---D | M] -- C:\Program Files\Jeux Chapelain [2008/12/31 15:57:39 | 000,000,000 | ---D | M] -- C:\Program Files\Lavalys [2009/10/16 12:56:27 | 000,000,000 | ---D | M] -- C:\Program Files\LexmarkX73 [2010/09/24 17:49:56 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech [2013/03/22 23:18:01 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech Gaming Software [2013/04/26 22:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/10/26 18:38:31 | 000,000,000 | ---D | M] -- C:\Program Files\Medal of Honor Warfighter [2010/04/29 14:01:46 | 000,000,000 | ---D | M] -- C:\Program Files\Metal Slug Complete PC [2011/07/17 18:43:12 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application [2010/02/09 11:39:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2008/10/16 12:53:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games [2008/12/08 10:29:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games for Windows - LIVE [2011/07/02 16:57:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2012/05/13 18:43:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2010/11/06 15:00:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio [2010/02/06 18:47:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8 [2010/11/28 13:43:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2012/06/22 13:49:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2012/09/10 23:06:28 | 000,000,000 | ---D | M] -- C:\Program Files\MobaMotiv [2011/09/12 16:32:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mortimer Beckett And The Secrets Of Spooky Manor [2010/08/12 10:45:04 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2013/04/14 16:08:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2013/04/15 19:29:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service [2010/11/06 15:01:09 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2010/02/06 18:47:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache [2012/05/18 12:09:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Games [2008/10/22 08:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2013/04/25 21:01:23 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software [2008/10/19 16:53:37 | 000,000,000 | ---D | M] -- C:\Program Files\Nero [2008/10/19 16:57:33 | 000,000,000 | ---D | M] -- C:\Program Files\NeroInstall.bak [2011/11/09 00:09:58 | 000,000,000 | ---D | M] -- C:\Program Files\Nobilis [2012/05/18 11:27:30 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media [2013/04/12 17:52:16 | 000,000,000 | ---D | M] -- C:\Program Files\OCCT [2009/03/03 10:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\OpenAL [2010/10/23 12:21:12 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3 [2013/01/27 20:47:36 | 000,000,000 | ---D | M] -- C:\Program Files\OXXOGames [2011/01/19 19:35:23 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Notifier and Animation Creator [2012/06/25 10:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2 [2009/07/23 21:12:44 | 000,000,000 | ---D | M] -- C:\Program Files\Pinnacle [2009/06/30 12:50:15 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA [2013/03/22 22:27:03 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek [2012/05/07 14:54:57 | 000,000,000 | ---D | M] -- C:\Program Files\Rebellion [2009/07/06 23:34:33 | 000,000,000 | ---D | M] -- C:\Program Files\Red Kawa [2012/05/25 12:12:29 | 000,000,000 | ---D | M] -- C:\Program Files\RedLynx [2006/11/02 14:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2011/09/12 00:17:37 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade [2010/02/07 17:00:01 | 000,000,000 | ---D | M] -- C:\Program Files\SolidWorks Corp [2010/02/10 11:31:53 | 000,000,000 | ---D | M] -- C:\Program Files\Sophos [2008/12/21 17:22:05 | 000,000,000 | ---D | M] -- C:\Program Files\Sparkle [2012/06/26 17:02:39 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy [2008/10/11 14:28:41 | 000,000,000 | ---D | M] -- C:\Program Files\Sun [2012/06/25 11:25:13 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab [2013/04/23 17:39:48 | 000,000,000 | ---D | M] -- C:\Program Files\TERA [2013/04/12 17:51:40 | 000,000,000 | ---D | M] -- C:\Program Files\The KMPlayer [2006/11/02 14:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2011/11/01 17:57:50 | 000,000,000 | ---D | M] -- C:\Program Files\USB TV [2013/04/24 21:21:35 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent [2008/10/11 16:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2009/09/04 14:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar [2009/09/04 14:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration [2009/09/04 14:20:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender [2013/04/12 17:53:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2011/06/17 10:12:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail [2010/10/15 12:18:24 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2008/10/10 22:13:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2009/09/04 14:20:20 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery [2009/11/18 16:46:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices [2009/09/04 14:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar [2008/10/11 16:15:26 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR [2011/04/29 17:29:35 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip [2010/04/29 14:05:37 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\erdnt\cache\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\erdnt\cache\atapi.sys [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe [2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe [2008/01/21 04:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008/01/21 04:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\erdnt\cache\beep.sys [2008/01/21 04:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008/01/21 04:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\erdnt\cache\cngaudit.dll [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\erdnt\cache\explorer.exe [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\System32\hidserv.dll [2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hidserv.dll [2006/11/02 11:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=8FA640195279ACE21BEA91396A0054FC -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=C8BDCECEE082B54F0BAC838BF0A34597 -- C:\Windows\erdnt\cache\imm32.dll [2008/01/21 04:34:05 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll [2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\imm32.dll [2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2009/02/13 10:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll [2009/02/13 09:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll [2009/02/13 09:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll [2009/04/11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\Windows\erdnt\cache\kernel32.dll [2009/02/13 10:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll [2008/01/21 04:33:52 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll [2009/04/11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\kernel32.dll [2009/04/11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\erdnt\cache\mswsock.dll [2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll [2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll [2008/01/21 04:33:36 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\erdnt\cache\ndis.sys [2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\erdnt\cache\netlogon.dll [2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2009/04/11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\erdnt\cache\ntfs.sys [2009/04/11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys [2009/04/11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys [2008/01/21 04:33:23 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys [color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color] [2008/01/21 04:35:18 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 -- C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\System32\proquota.exe [2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2008/01/21 04:34:49 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll [2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\erdnt\cache\qmgr.dll [2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\System32\qmgr.dll [2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\erdnt\cache\scecli.dll [2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe [2009/04/11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe [2008/01/21 04:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe [2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\erdnt\cache\spoolsv.exe [2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe [2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe [2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe [2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2008/01/21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe [2008/01/21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe [2008/01/21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe [2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\erdnt\cache\termsrv.dll [2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\System32\termsrv.dll [2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll [2008/01/21 04:33:51 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe [2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys [2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\drivers\volsnap.sys [2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys [2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys [2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys [2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2011/02/22 08:21:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=047CDEFF94B63F0A4791372B47427B60 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll [2009/11/21 17:03:43 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=0B603B1B76FF6CA2D88B658A9ECC40E8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll [2010/01/02 16:56:17 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=1DC5E46312CBA5C1614B3D3359DB09C5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll [2010/02/23 17:06:06 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=24427C9C96556887A2F161800F00B2DE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll [2009/03/03 06:32:59 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=3ED9859939928CA568F487AB42175A33 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll [2008/01/21 04:34:21 | 000,825,856 | ---- | M] (Microsoft Corporation) MD5=455D715A840579BDC1CF8E5C1DA76849 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll [2008/10/16 06:38:28 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=4944C9FFE8903A276590D4215F74B937 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll [2009/05/13 00:49:30 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=4BEDA2520729640D927E09A51AB916C4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll [2010/09/08 08:01:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=545264F1F3AC5BD57B159EBBDC4FDC58 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll [2010/11/02 08:01:54 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=5681261BF2572F8776E1344DCB090C0B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll [2008/06/27 06:15:28 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=618A51B5FB9DD5810960F6044C0E9289 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll [2009/07/21 23:52:28 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=6206A2BF9741B31C258ACC51972AFCAA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll [2008/10/16 06:24:00 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=622FE627D15DD920238A993021F0A4D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll [2009/01/15 06:19:13 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=65647F41CEC0C8EEC9DF5BC1168EC76C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll [2009/01/16 07:00:04 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=6A986C2CD30633447DAB21A4852E40D6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll [2008/10/02 05:34:49 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=6B2591CDCEFEB8451594288426677CBB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll [2009/03/08 13:34:57 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll [2010/09/08 08:25:04 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=6D4B5C39BB00A8BD98462664E73AC403 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll [2009/03/03 06:40:12 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=6E115E2D3FAE5077A361A5BCE78FF170 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll [2010/12/18 08:27:04 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=74BCC23D622F32DA0450D164735ACAB1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll [2010/06/26 08:05:49 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=78D42E00B5AB233F34116C0EF07F1BC9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll [2010/12/18 09:18:09 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7D6AACE6BF60B5A1D572E082DEC9F0F0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll [2009/04/11 08:28:25 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=8777B44511D8BCCF47B5A7CBDC02DE11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll [2009/03/03 06:18:09 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=88B57405AC5B2BF513069086F8963635 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll [2008/10/02 05:49:06 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=8BF7D225505A4ADA25D9444E91811CEA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll [2008/10/16 06:47:35 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=8F89FFECF6989DD7D9ECCEC6D95D7419 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll [2010/01/02 08:38:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=91B8712BDC74295DA14A08F519B70D65 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll [2010/05/04 08:31:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=9DF755B063C647A1CAEB17F3E2FDDE1D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll [2011/05/15 00:10:16 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=A1236375B74EA63C75657D564890C436 -- C:\Windows\erdnt\cache\wininet.dll [2011/05/15 00:10:16 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=A1236375B74EA63C75657D564890C436 -- C:\Windows\System32\wininet.dll [2011/05/15 00:10:16 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=A1236375B74EA63C75657D564890C436 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16421_none_c1dc2e6ddfb757f8\wininet.dll [2008/06/27 05:49:46 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=AE7150C0696C656D02FDD48259F4EFF5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll [2011/02/22 09:18:35 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=B3A938D522F085171387FEF112AEECF5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll [2009/03/03 06:20:12 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=BA68744F8FE1BAAC35362F18774972A3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll [2008/10/02 05:49:19 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=C373C19F10601C1AFE7E40907AE48694 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll [2008/10/02 05:30:45 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=C85EF7DE97ABBF00B16AD11EDFEAC637 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll [2009/08/27 15:29:46 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=D0DD9439DB3C927209CFFE095AA1F097 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll [2010/11/02 09:12:02 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=D364DEB34DB229A4C1EFB1BC68F505C4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll [2009/05/09 07:50:28 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=D78B62CC91F043CED52F23F0085E7FE2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll [2009/11/21 08:40:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=DCB9E422810877D7C4115BACE54B084C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll [2009/08/27 07:22:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=E3AB6EBE520E1898663B011D2FC0DF11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll [2009/07/22 08:03:04 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=E48ADF567FE3EFCC2EB88A2BE5E020CB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll [2008/06/27 05:54:49 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=E74D932CA7B3DA8CDB7A5F11F5A03ABC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll [2010/02/23 08:39:13 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=EC3B3E6071E3FCD4290BFD42676EE064 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll [2008/06/27 05:50:35 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=EDF59D63DDBC8BE0BB4836EFFFC04BDC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll [2008/10/16 06:40:37 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=F18C1B151A0B18C35BF0919A9BA0FA0F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll [2010/05/04 07:59:21 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F317362AEB06140E7FB1B29331FDC038 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll [2010/06/26 08:51:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=F60F99762FABCD7F4B53A4A0EBAE3505 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll [2009/01/15 08:11:16 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=FB79A2AA5E92653B9A394FE26D799BF8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll [2009/01/15 06:16:03 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=FF35D495AC08549154D1D96990513CD9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\erdnt\cache\wininit.exe [2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2008/01/21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\erdnt\cache\ws2_32.dll [2008/01/21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll [2008/01/21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color] "Debug" = "" = mnmsrvc "Kmode" = \SystemRoot\System32\win32k.sys "Optional" = Posix [binary data] "Posix" = %SystemRoot%\system32\psxss.exe "Required" = DebugWindows [binary data] "Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS] "CsrSrvSharedSectionBase" = 2137980928 [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2012/11/16 22:45:48 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ATIDEMGX.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2013/04/27 15:51:30 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-1903238310-3106780671-3224412211-1000\desktop.ini [2006/11/02 14:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006/11/02 14:58:10 | 000,032,612 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009/03/24 21:00:57 | 000,001,000 | ---- | C] () -- C:\Windows\Tasks\Google Software Updater.job [2012/04/05 18:23:03 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:5ECEFF17 @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8855A119 @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:87A3A233 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:3C4BD225 @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:F7BF538D @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:7BFFC6A9 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:F13867C6 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E2C80DE4 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A6E01F67 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9725F1BC @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F8C2E3B9 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:A900C3A3 < End of report >