OTL logfile created on: 6/5/2013 10:13:43 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\trovato\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
2.97 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 51.43% Memory free
5.93 Gb Paging File | 4.06 Gb Available in Paging File | 68.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.97 Gb Total Space | 24.95 Gb Free Space | 5.53% Space Free | Partition Type: NTFS
Drive D: | 14.69 Gb Total Space | 1.78 Gb Free Space | 12.14% Space Free | Partition Type: NTFS
 
Computer Name: TROVATO-HP | User Name: trovato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\trovato\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Users\trovato\AppData\Roaming\SystemRequirementsLab\msdn.exe ()
PRC - C:\Users\trovato\AppData\Local\Temp\Win8RT.scr ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Users\trovato\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Smith Micro\StuffIt\ArcNameService.exe (Smith Micro Software, Inc.)
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
MOD - C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\libglesv2.dll ()
MOD - C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\libegl.dll ()
MOD - C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Users\trovato\AppData\Local\Temp\Win8RT.scr ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll ()
MOD - C:\Users\trovato\AppData\Roaming\PictureMover\FR-BE\Presentation.dll ()
MOD - C:\Users\trovato\AppData\Roaming\PictureMover\Bin\Core.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (maconfservice) -- C:\Program Files\ma-config.com\x64\maconfservice.exe (CybelSoft)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BRSptSvc) -- C:\ProgramData\bitraider\BRSptSvc.exe (BitRaider, LLC)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AxAutoMntSrv) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe (Symantec Corporation)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Stuffit Archive Name Service) -- C:\Program Files (x86)\Smith Micro\StuffIt\ArcNameService.exe (Smith Micro Software, Inc.)
SRV - (libusbd) -- C:\Windows\SysWOW64\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (dump_wmimmc) -- C:\Program Files\gPotato.eu\Rappelz\GameGuard\dump_wmimmc.sys File not found
DRV:[b]64bit:[/b] - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:[b]64bit:[/b] - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:[b]64bit:[/b] - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:[b]64bit:[/b] - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:[b]64bit:[/b] - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (driverhardwarev2x64) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (CybelSoft)
DRV:[b]64bit:[/b] - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Xbox360Controller) -- C:\Windows\SysNative\drivers\x360chm.sys (Masahiko Morii)
DRV:[b]64bit:[/b] - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20111027.001\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20111107.003\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20111107.003\ENG64.SYS (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20111104.030\IDSviA64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (tandpl) -- C:\Windows\SysWOW64\drivers\tandpl.sys ()
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0EB87BFB-376F-4B63-A936-4D3D35090F8C}: "URL" = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{F406A6D7-90EE-40F8-BA61-9615C7AA3747}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{FD87012E-FB64-48F1-BAD9-F66CBD343AF0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0EB87BFB-376F-4B63-A936-4D3D35090F8C}: "URL" = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{F406A6D7-90EE-40F8-BA61-9615C7AA3747}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{FD87012E-FB64-48F1-BAD9-F66CBD343AF0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0EB87BFB-376F-4B63-A936-4D3D35090F8C}: "URL" = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{8A68E382-0311-4591-92F6-E2BFB86C8539}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = http://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=MKTIE9
IE - HKCU\..\SearchScopes\{C19275ED-1FAB-4F05-8BCC-1D8E701602D8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=kw&q={searchTerms}&locale=&apn_ptnrs=VX&apn_dtid=YYYYYYYYBE&apn_uid=DA838EE0-04C2-4CBC-8C6E-75AE86E5D45C&apn_sauid=98142C0F-4912-4219-AABB-D9E9E1DCCD24
IE - HKCU\..\SearchScopes\{F406A6D7-90EE-40F8-BA61-9615C7AA3747}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKCU\..\SearchScopes\{FD87012E-FB64-48F1-BAD9-F66CBD343AF0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q="
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.7.0.3
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\x64\nphardwaredetection.dll (Cybelsoft)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Windows\Downloaded Program Files\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\trovato\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\trovato\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\trovato\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2011/09/28 10:13:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 [2013/06/05 10:04:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/03/12 01:09:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/23 12:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/20 21:51:10 | 000,000,000 | ---D | M]
 
[2011/12/11 23:53:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\trovato\AppData\Roaming\mozilla\Extensions
[2013/06/03 15:03:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\trovato\AppData\Roaming\mozilla\Firefox\Profiles\y0mxkals.default\extensions
[2012/09/03 20:19:36 | 000,224,693 | ---- | M] () (No name found) -- C:\Users\trovato\AppData\Roaming\mozilla\firefox\profiles\y0mxkals.default\extensions\fbphotozoom@installdaddy.com.xpi
[2013/02/28 20:53:06 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\trovato\AppData\Roaming\mozilla\firefox\profiles\y0mxkals.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/04/20 14:25:22 | 000,002,079 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\mozilla\firefox\profiles\y0mxkals.default\searchplugins\google.xml
[2012/07/18 21:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/18 21:24:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/20 21:51:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\TROVATO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y0MXKALS.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012/02/23 12:58:39 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/23 12:58:37 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/02/23 12:58:37 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/23 12:58:37 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/23 12:58:37 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/23 12:58:37 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/23 12:58:37 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\trovato\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\trovato\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\trovato\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: OGPlanet Game Plugin (Enabled) = C:\Windows\system32\npOGPPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Joker = C:\Users\trovato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dindkpplagckibiohmieehphomngocoo\4_0\
CHR - Extension: AdBlock = C:\Users\trovato\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: Joker = C:\Users\trovato\AppData\Local\Google\Chrome\User Data\Default\Extensions\dindkpplagckibiohmieehphomngocoo\4_0\
CHR - Extension: AdBlock = C:\Users\trovato\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
 
O1 HOSTS File: ([2012/09/13 22:24:03 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Adobe PDF Link Helper) - {3EBE121D-4BA7-3226-24CB-27ED14DB7A56} - C:\Windows\SysWOW64\msrd2x440.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [LifeChat] C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [3ca19949e489926be70aff0451e68868] C:\Users\trovato\AppData\Local\Temp\Win8RT.scr ()
O4 - HKLM..\Run: [Adobe Flash Player SU] C:\Windows\Adobe Flash\Adobe.exe (SoftIce)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKCU..\Run: [3ca19949e489926be70aff0451e68868] C:\Users\trovato\AppData\Local\Temp\Win8RT.scr ()
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\trovato\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [dsct.exe] C:\Users\trovato\AppData\Local\Temp\dsct.exe ()
O4 - HKCU..\Run: [Keyboard Inf.] C:\Users\trovato\AppData\Roaming\SystemRequirementsLab\msdn.exe ()
O4 - HKCU..\Run: [SmartPCProTray] C:\Program Files (x86)\Smart PC Solutions\Smart PC Professional\SmartPCProTray.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\trovato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3ca19949e489926be70aff0451e68868.exe ()
O4 - Startup: C:\Users\trovato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\trovato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de notification de cadeaux MSN.lnk = C:\Users\trovato\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} https://launch.soe.com/plugin/lp/SOEWebInstaller.cab (SOE Web Installer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DB13287-D01D-4111-89E4-EFFB59FE2FC2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DB13287-D01D-4111-89E4-EFFB59FE2FC2}: NameServer = 208.67.222.222,208.67.220.220
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
ActiveX:[b]64bit:[/b] {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {56A879C8-1BEC-427D-9294-2A57096F591D} - EIEDPLauncher
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
CREATERESTOREPOINT 
Restore point Set: OTL Restore Point
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/06/01 22:11:49 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unproductive Fun Time
[2013/06/01 22:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unproductive Fun Time
[2013/06/01 21:54:11 | 000,000,000 | ---D | C] -- C:\Users\trovato\Desktop\hellion
[2013/05/29 12:07:09 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Local\{11252C70-F6DE-4AF1-844A-840DD277EFF9}
[2013/05/28 21:43:41 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Roaming\3909 LLC
[2013/05/28 20:47:06 | 000,000,000 | ---D | C] -- C:\Users\trovato\Desktop\Papers, please
[2013/05/27 13:58:00 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
[2013/05/27 13:57:29 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Roaming\.minecraft
[2013/05/26 14:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon's Lair
[2013/05/26 14:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon's Lair
[2013/05/22 23:19:49 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Local\raidenlegacy
[2013/05/22 23:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raiden Legacy
[2013/05/22 23:15:56 | 000,000,000 | ---D | C] -- C:\Windows\Adobe Flash
[2013/05/22 23:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raiden Legacy
[2013/05/22 15:08:17 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Local\{B96C03E1-9A3B-47BD-9D9A-8F7DA8F89A63}
[2013/05/21 01:52:21 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Local\{457A90C2-A32A-4A8B-A6C3-B05E8BD1093B}
[2013/05/20 23:19:14 | 000,000,000 | ---D | C] -- C:\Users\trovato\Documents\h
[2013/05/19 21:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/05/17 02:49:59 | 000,000,000 | ---D | C] -- C:\Users\trovato\Desktop\Vampire X Knight
[2013/05/17 02:03:31 | 000,000,000 | ---D | C] -- C:\Users\trovato\Desktop\Rocks Clan
[2013/05/16 00:03:18 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/05/16 00:03:18 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/05/16 00:03:17 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/05/16 00:03:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/05/16 00:03:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/16 00:03:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/05/16 00:03:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/05/16 00:03:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/05/16 00:03:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/05/16 00:03:14 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/05/16 00:03:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/05/16 00:03:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/05/16 00:03:10 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/05/16 00:03:10 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/05/16 00:03:09 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/05/15 12:15:58 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/05/15 12:15:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/05/15 12:15:41 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/05/15 12:15:38 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/05/15 12:15:34 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/05/15 12:15:34 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/05/15 12:14:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/05/15 02:29:24 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twistys Asylum Escapades
[2013/05/15 02:28:25 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Local\Twistys Asylum Escapades
[2013/05/14 16:12:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam Kamikaze Attack!
[2013/05/14 16:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Serious Sam Kamikaze Attack!
[2013/05/13 16:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Install Pack
[2013/05/12 02:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDS PRO Apps
[2013/05/12 00:07:07 | 000,000,000 | ---D | C] -- C:\Users\trovato\AppData\Roaming\mrrescue
[2013/05/11 23:50:26 | 000,000,000 | ---D | C] -- C:\Users\trovato\Desktop\mrrescue-1.01-win-x64
[2013/05/10 01:00:11 | 000,000,000 | ---D | C] -- C:\gravity
[2013/05/08 15:51:09 | 000,000,000 | ---D | C] -- C:\Users\trovato\Desktop\ABUSE
[2012/12/19 00:50:23 | 000,126,464 | ---- | C] (Nuclex Development Labs) -- C:\Users\trovato\Nuclex.Input.dll
[2012/12/19 00:50:23 | 000,108,544 | ---- | C] (NUnit.org) -- C:\Users\trovato\nunit.framework.dll
[2012/12/19 00:50:23 | 000,030,720 | ---- | C] (Nick Gravelyn) -- C:\Users\trovato\EasyStorage.dll
[2011/09/09 09:41:44 | 003,486,088 | ---- | C] (Ask) -- C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe
[2011/09/09 09:41:44 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files (x86)\Common Files\ApnStub.exe
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
File not found -- C:\Windows\SysNative\
[2013/06/05 10:20:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/06/05 10:20:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/05 10:17:44 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/05 10:17:43 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/05 10:08:33 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134365934-1286665402-1617943056-1001UA.job
[2013/06/05 10:08:33 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/05 10:04:31 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/05 10:04:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/05 10:03:57 | 2388,582,400 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/04 18:08:01 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134365934-1286665402-1617943056-1001Core.job
[2013/06/02 10:40:07 | 000,460,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/01 22:12:05 | 000,002,086 | ---- | M] () -- C:\Users\trovato\Desktop\Mortis Ghost's OFF.lnk
[2013/06/01 16:01:01 | 000,012,515 | ---- | M] () -- C:\Users\trovato\Desktop\Document.rtf
[2013/05/29 00:04:02 | 000,754,412 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/05/29 00:04:02 | 000,154,236 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/05/29 00:04:01 | 001,665,724 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/29 00:04:01 | 000,660,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/29 00:04:01 | 000,126,116 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/29 00:03:49 | 001,665,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/27 13:58:04 | 000,002,140 | ---- | M] () -- C:\Users\trovato\Desktop\Minecraft.lnk
[2013/05/26 23:17:29 | 000,001,574 | ---- | M] () -- C:\Users\Public\Desktop\Unepic.lnk
[2013/05/26 14:19:29 | 000,001,063 | ---- | M] () -- C:\Users\trovato\Desktop\Dragon's Lair.lnk
[2013/05/24 22:17:09 | 000,002,384 | ---- | M] () -- C:\Users\trovato\Desktop\Google Chrome.lnk
[2013/05/22 23:16:07 | 000,001,068 | ---- | M] () -- C:\Users\trovato\Desktop\Raiden Legacy.lnk
[2013/05/21 00:04:52 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFortrovato.job
[2013/05/20 23:00:57 | 000,000,222 | ---- | M] () -- C:\Users\trovato\Desktop\Penny Arcade's On the Rain-Slick Precipice of Darkness 3.url
[2013/05/15 22:50:48 | 000,000,222 | ---- | M] () -- C:\Users\trovato\Desktop\The Binding of Isaac.url
[2013/05/15 02:29:28 | 000,002,204 | ---- | M] () -- C:\Users\trovato\Desktop\Twistys Asylum Escapades.lnk
[2013/05/15 00:20:25 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/05/15 00:20:25 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/05/15 00:20:06 | 009,195,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/05/14 16:12:10 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Serious Sam Kamikaze Attack!.lnk
[2013/05/14 02:38:20 | 000,005,053 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2
[2013/05/12 02:51:56 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/05/12 02:51:55 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2013/05/12 02:51:54 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/05/12 02:51:54 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2013/05/12 02:51:39 | 000,002,161 | ---- | M] () -- C:\Users\trovato\Documents\WinDS PRO.lnk
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
File not found -- C:\Windows\SysNative\
[2013/06/05 10:20:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/06/01 22:12:00 | 000,002,086 | ---- | C] () -- C:\Users\trovato\Desktop\Mortis Ghost's OFF.lnk
[2013/05/31 17:23:59 | 000,012,515 | ---- | C] () -- C:\Users\trovato\Desktop\Document.rtf
[2013/05/27 13:58:03 | 000,002,140 | ---- | C] () -- C:\Users\trovato\Desktop\Minecraft.lnk
[2013/05/26 23:17:26 | 000,001,574 | ---- | C] () -- C:\Users\Public\Desktop\Unepic.lnk
[2013/05/26 14:19:26 | 000,001,063 | ---- | C] () -- C:\Users\trovato\Desktop\Dragon's Lair.lnk
[2013/05/22 23:16:05 | 000,001,068 | ---- | C] () -- C:\Users\trovato\Desktop\Raiden Legacy.lnk
[2013/05/20 23:00:57 | 000,000,222 | ---- | C] () -- C:\Users\trovato\Desktop\Penny Arcade's On the Rain-Slick Precipice of Darkness 3.url
[2013/05/15 22:50:47 | 000,000,222 | ---- | C] () -- C:\Users\trovato\Desktop\The Binding of Isaac.url
[2013/05/15 02:29:28 | 000,002,204 | ---- | C] () -- C:\Users\trovato\Desktop\Twistys Asylum Escapades.lnk
[2013/05/14 16:12:09 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Serious Sam Kamikaze Attack!.lnk
[2013/05/12 02:51:37 | 000,002,161 | ---- | C] () -- C:\Users\trovato\Documents\WinDS PRO.lnk
[2013/04/17 21:10:31 | 000,000,336 | ---- | C] () -- C:\Windows\scummvm.ini
[2013/04/04 22:10:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2013/04/04 18:00:25 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2013/04/04 14:26:59 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2012/12/19 00:50:23 | 000,889,856 | ---- | C] () -- C:\Users\trovato\SlimDX.DirectInput.dll
[2012/12/19 00:50:23 | 000,081,059 | ---- | C] () -- C:\Users\trovato\license.rtf
[2012/11/20 00:58:20 | 000,083,968 | ---- | C] () -- C:\Windows\UnGins.exe
[2012/11/20 00:57:38 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2012/11/20 00:57:36 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
[2012/11/18 14:04:49 | 000,003,639 | ---- | C] () -- C:\Windows\SysWow64\WinMonitor.exe
[2012/11/18 14:04:49 | 000,003,639 | ---- | C] () -- C:\Windows\SysWow64\libs.exe
[2012/09/18 19:42:15 | 000,000,751 | ---- | C] () -- C:\Windows\Rtcwplat.INI
[2012/09/12 21:05:28 | 000,000,307 | ---- | C] () -- C:\Windows\thug2.ini
[2012/09/11 22:09:00 | 000,291,828 | ---- | C] () -- C:\Windows\To the Moon Uninstaller.exe
[2012/09/07 13:24:00 | 000,000,632 | ---- | C] () -- C:\Windows\Sofplat.INI
[2012/09/06 17:23:42 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI
[2012/08/29 20:37:13 | 001,125,221 | ---- | C] ( ) -- C:\Users\trovato\Oniken.exe
[2012/08/09 19:38:12 | 000,000,696 | ---- | C] () -- C:\Windows\wininit.ini
[2012/07/02 21:54:19 | 000,285,696 | ---- | C] () -- C:\Windows\SysWow64\Cncs232.dll
[2012/07/02 21:54:19 | 000,092,660 | ---- | C] () -- C:\Windows\SysWow64\bass.dll
[2012/06/03 14:07:26 | 000,000,170 | ---- | C] () -- C:\Windows\game.ini
[2012/05/26 20:24:01 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2012/05/25 14:46:37 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\H@tKeysH@@k.DLL
[2012/05/13 22:55:54 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012/04/20 19:12:58 | 000,936,907 | -HS- | C] () -- C:\Windows\hcsd.exe
[2012/04/15 13:52:10 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2012/04/15 13:52:10 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2012/04/04 00:20:33 | 001,665,724 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/07 00:34:31 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\SDL.dll
[2012/01/07 00:34:31 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2012/01/07 00:34:31 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\SDL_image.dll
[2012/01/07 00:34:31 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\SDL_ttf.dll
[2012/01/02 16:01:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/02 16:01:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/02 16:01:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/02 16:01:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/02 16:01:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/01 13:13:03 | 000,000,161 | ---- | C] () -- C:\Windows\MyDrivers.ini
[2011/12/02 19:18:57 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011/12/02 19:18:57 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011/12/02 19:18:56 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011/11/29 23:44:29 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\libmySQL.dll
[2011/11/27 22:16:36 | 000,000,298 | ---- | C] () -- C:\Windows\vtmb.ini
[2011/11/11 17:54:07 | 000,000,669 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/11/11 13:38:03 | 000,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini
[2011/11/04 23:21:49 | 000,000,533 | ---- | C] () -- C:\Windows\Tcsofla.INI
[2011/11/01 00:51:03 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/11/01 00:51:01 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/11/01 00:51:01 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/11/01 00:51:00 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/10/27 23:38:27 | 000,270,240 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/27 23:38:17 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/22 14:05:34 | 000,000,618 | ---- | C] () -- C:\Windows\eReg.dat
[2011/10/19 23:26:32 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/26 23:24:22 | 000,007,552 | ---- | C] () -- C:\Windows\SysWow64\drivers\enodpl.sys
[2011/09/26 23:24:22 | 000,004,736 | ---- | C] () -- C:\Windows\SysWow64\drivers\tandpl.sys
[2011/09/22 00:06:07 | 000,000,604 | ---- | C] () -- C:\Windows\Wlf.INI
[2011/09/12 22:39:52 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2011/09/10 12:09:27 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\loogman.exe
[2011/09/09 10:09:08 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/09/09 09:41:45 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011/11/17 08:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{fa507f15-da3a-9daa-e725-91db26bd366e}\@
[2013/05/01 02:31:41 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{fa507f15-da3a-9daa-e725-91db26bd366e}\L
[2013/05/01 02:37:46 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{fa507f15-da3a-9daa-e725-91db26bd366e}\U
[2012/09/04 11:24:25 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{fa507f15-da3a-9daa-e725-91db26bd366e}\L\00000004.@
[2012/09/03 11:05:05 | 000,231,936 | ---- | M] (Ufasoft) -- C:\Windows\Installer\{fa507f15-da3a-9daa-e725-91db26bd366e}\L\00000008.@
[2013/05/01 01:55:02 | 000,090,624 | ---- | M] () -- C:\Windows\Installer\{fa507f15-da3a-9daa-e725-91db26bd366e}\U\80000032.@
[2012/04/10 20:46:58 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1134365934-1286665402-1617943056-1001\$RLW2RV8\External\players\2\L
[2012/04/10 20:47:27 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1134365934-1286665402-1617943056-1001\$RLW2RV8\External\players\8\L
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< %systemroot%\*. /mp /s  >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles  >[/color]
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles  >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]
Invalid Environment Variable: alluserprofile
Invalid Environment Variable: alluserprofile
 
[color=#A23BEC]< %appdata%\*.  >[/color]
[2012/05/16 15:27:55 | 000,000,000 | -HSD | M] -- C:\Users\trovato\AppData\Roaming\.#
[2012/10/28 17:54:24 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\.doomseeker
[2013/05/27 17:14:01 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\.minecraft
[2012/05/17 17:46:58 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\.mono
[2013/05/28 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\3909 LLC
[2013/02/27 13:26:28 | 000,000,000 | -HSD | M] -- C:\Users\trovato\AppData\Roaming\92E016
[2012/03/17 00:38:48 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Abandonware-France
[2011/09/09 01:36:31 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Acreon
[2012/06/02 22:18:38 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Activision
[2012/04/08 02:25:51 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Adobe
[2013/02/12 00:02:43 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Anodyne
[2013/04/03 16:48:21 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Awesomium
[2012/10/13 15:34:33 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Beat Hazard
[2012/03/17 18:17:26 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\BigHugeEngine
[2012/02/12 14:04:12 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\BitDefender
[2013/06/05 01:21:51 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\BitTorrent
[2012/03/16 00:15:19 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\BoneCraft
[2012/03/11 00:31:10 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\BoneTown
[2012/01/07 18:48:45 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Braid
[2011/10/14 21:06:01 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\bsnes
[2012/06/12 00:46:07 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\capy
[2012/11/17 04:10:52 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Clickteam
[2012/09/02 00:17:49 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\collection
[2012/04/09 01:28:01 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\com.brokenfunction.mmvs
[2012/04/08 02:31:20 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\com.brokenfunction.mmvs.gng.78D6CFA7618666CDDF3711F04F3B7DF9B64B883E.1
[2012/04/08 02:28:01 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\com.brokenfunction.mmvs.metroid.78D6CFA7618666CDDF3711F04F3B7DF9B64B883E.1
[2013/04/03 21:58:38 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\com.radialgames.MonsterLovesYou
[2013/04/04 23:01:51 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\com.shirogames.evoland
[2011/09/12 22:40:24 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\CyberLink
[2012/11/10 22:08:23 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\DAEMON Tools Lite
[2013/02/06 00:20:07 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\DAEMON Tools Pro
[2012/12/20 03:31:28 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\DefendersQuest
[2011/12/26 13:45:15 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\digipen
[2012/06/04 22:03:00 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\DisneyInteractiveStudios
[2012/04/26 18:04:16 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\DivX
[2012/11/15 19:15:30 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Doublefine
[2012/12/30 22:53:57 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\dvdcss
[2012/08/07 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Empty Clip Studios
[2012/06/07 20:50:28 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\EtherVapor
[2012/06/01 19:05:04 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\FALCOM
[2012/07/23 21:17:12 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\fltk.org
[2012/09/07 18:54:26 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\gd.sos.McPixel
[2012/01/15 00:28:08 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\GetRightToGo
[2012/08/14 22:11:16 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\GuiltyGearIsuka
[2012/04/07 19:06:17 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\HackSlashLoot
[2011/09/14 11:08:27 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Hewlett-Packard
[2012/08/21 20:16:26 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\HI0
[2012/10/17 14:02:48 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Hive Cluster
[2012/05/04 23:18:52 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Hothead Games
[2012/02/22 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\HP Support Assistant
[2011/09/14 10:57:17 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\hpqLog
[2012/02/22 19:50:56 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\HpUpdate
[2011/09/09 01:16:00 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Identities
[2012/09/24 21:05:07 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\InstallShield Installation Information
[2012/10/14 13:49:31 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\iPadian
[2012/06/09 21:08:42 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\iPhone.F4B6EDD4861104DF103CA831FC6755522BBBD9C1.1
[2012/09/05 01:03:16 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\JoyChina
[2012/08/29 20:37:47 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Joymasher
[2013/03/20 01:23:42 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
[2011/12/05 02:16:12 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Lionhead Studios
[2012/11/22 13:45:24 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Little Inferno
[2012/08/16 14:03:17 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\LolClient
[2012/07/23 16:27:36 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\LoneSurvivor
[2012/10/26 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\LOVE
[2012/04/07 20:58:34 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\LS
[2011/09/09 01:20:45 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Macromedia
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Media Center Programs
[2012/11/07 18:50:16 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Media Player Classic
[2013/03/05 22:57:10 | 000,000,000 | --SD | M] -- C:\Users\trovato\AppData\Roaming\Microsoft
[2012/05/17 22:59:39 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Misfits
[2013/02/21 01:39:22 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\MMFApplications
[2012/05/26 20:33:38 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\MotioninJoy
[2011/12/11 23:53:25 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Mozilla
[2013/05/12 00:20:02 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\mrrescue
[2012/06/28 22:52:43 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Myke974
[2011/10/28 00:32:48 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Need for Speed World
[2011/09/14 18:55:39 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\OpenOffice.org
[2011/12/27 16:18:24 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Origin
[2011/09/09 01:17:24 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\PictureMover
[2012/08/06 21:52:13 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\PlatinumHideIP
[2012/06/30 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Pokemon Online
[2013/05/11 13:16:28 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Pokémon Trading Card Game Online
[2013/03/01 17:07:21 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\PuchisoftDispatcher
[2012/11/21 20:28:15 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Renegade Kid
[2012/07/24 00:45:07 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\RenPy
[2012/10/10 12:11:53 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\RetroCityRampage
[2012/03/06 15:53:30 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\RotMG.Production
[2012/11/17 02:43:55 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Rovio
[2013/03/16 21:39:08 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\runic games
[2012/08/21 21:02:47 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Scoregasm
[2013/01/20 01:03:52 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\ScummVM
[2011/10/07 00:43:43 | 000,000,000 | RH-D | M] -- C:\Users\trovato\AppData\Roaming\SecuROM
[2012/10/04 23:22:19 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\SEGA
[2013/05/31 19:41:07 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Skype
[2012/10/16 21:48:09 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Smart PC Solutions
[2012/07/14 02:30:33 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\SPORE
[2012/04/03 21:46:05 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Stella
[2013/04/13 01:12:47 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\SystemRequirementsLab
[2012/08/17 12:11:41 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\The Mirror Lied
[2012/01/02 17:02:10 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Tific
[2012/09/12 01:20:50 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\To the Moon - Freebird Games
[2012/06/25 16:24:51 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\TS3Client
[2013/02/26 21:06:55 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\unepic
[2012/05/17 22:19:42 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Unity
[2012/09/07 19:13:57 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Upper Byte
[2011/12/19 03:12:49 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\VBA-M
[2012/10/31 01:09:53 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\VDownloader
[2013/05/31 17:42:07 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\vlc
[2012/01/13 01:19:21 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Voxatron
[2011/09/14 10:52:27 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\WinBatch
[2011/10/28 21:10:20 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\Windows Live Writer
[2011/09/11 00:18:49 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\WinRAR
[2012/11/01 21:30:08 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\zombies
[2012/04/03 22:45:50 | 000,000,000 | ---D | M] -- C:\Users\trovato\AppData\Roaming\ZOO Digital Publishing
 
[color=#A23BEC]< %appdata%\*.exe /s  >[/color]
[2013/03/15 18:21:06 | 000,462,551 | ---- | M] (TeamExtreme) -- C:\Users\trovato\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe
[2013/05/27 13:58:05 | 000,069,256 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
[2011/03/09 02:17:52 | 000,552,960 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\Abandonware-France\Daggerfall\C\DAGGER\DaggerXL.exe
[2011/09/09 15:21:04 | 000,272,384 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\Acreon\WowMatrix\Modules\curl.exe
[2013/02/13 14:19:55 | 000,055,424 | ---- | M] (Adobe Systems Inc.) -- C:\Users\trovato\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013/04/14 17:22:35 | 000,001,078 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{05C02EE9-9F0A-4052-A4DA-8621F729B1F5}\_18be6784.exe
[2013/04/14 17:22:35 | 000,003,638 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{05C02EE9-9F0A-4052-A4DA-8621F729B1F5}\_294823.exe
[2013/04/14 17:22:35 | 000,003,638 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{05C02EE9-9F0A-4052-A4DA-8621F729B1F5}\_2cd672ae.exe
[2013/04/14 17:22:35 | 000,003,638 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{05C02EE9-9F0A-4052-A4DA-8621F729B1F5}\_4ae13d6c.exe
[2013/04/14 17:22:35 | 000,001,078 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{05C02EE9-9F0A-4052-A4DA-8621F729B1F5}\_69525f90.exe
[2012/06/01 23:27:09 | 000,029,926 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe
[2012/06/01 23:27:09 | 000,029,422 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe
[2012/03/10 21:21:32 | 000,003,774 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\BoneTown.exe
[2012/03/10 21:21:32 | 000,010,134 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\SystemFolder_msiexec.exe
[2012/09/18 19:44:51 | 000,000,766 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\Copy(2)ofweb.exe
[2012/09/18 19:44:51 | 000,000,766 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\CopyofHelp.exe
[2012/09/18 19:44:51 | 000,002,238 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\wolf3D.exe
[2012/10/28 01:37:39 | 000,032,038 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{73550466-AE32-47D0-9868-C6066BDC0A3D}\cake_icon.exe
[2013/02/01 23:21:11 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
[2013/02/01 23:21:11 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
[2013/02/01 23:21:11 | 000,008,854 | R--- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
[2012/09/24 02:02:01 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Users\trovato\AppData\Roaming\Microsoft\Installer\{C3DE64C5-5621-4A75-B44D-FBDEF8DE0ADB}\NewShortcut10_655B3C98660243A38115A5A0E50DA9C8.exe
[2012/07/04 13:49:44 | 000,183,096 | ---- | M] (Microsoft Corporation) -- C:\Users\trovato\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
[2013/04/10 09:25:46 | 000,125,739 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3ca19949e489926be70aff0451e68868.exe
[2012/09/16 12:12:55 | 000,104,768 | ---- | M] (www.motioninjoy.com) -- C:\Users\trovato\AppData\Roaming\MotioninJoy\DS3tool\update\DS3_Tool.exe
[2013/04/24 20:44:45 | 009,157,168 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\Pokémon Trading Card Game Online\Pokemon Trading Card Game Online.exe
[2013/03/21 23:39:15 | 009,156,656 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\Pokémon Trading Card Game Online\Refresher.exe
[2013/03/21 23:39:15 | 000,039,472 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\Pokémon Trading Card Game Online\Refresher_Data\bsrefresh.exe
[2013/04/13 01:10:43 | 005,141,504 | ---- | M] () -- C:\Users\trovato\AppData\Roaming\SystemRequirementsLab\msdn.exe
 
[color=#A23BEC]< %systemdrive%\*.  >[/color]
[2013/03/16 20:43:46 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2012/09/16 11:30:26 | 000,000,000 | ---D | M] -- C:\0e7b282e003e6164d8dd6718eb9588
[2012/09/23 23:15:29 | 000,000,000 | ---D | M] -- C:\2b9534cd8b74645080de2288
[2012/09/10 11:48:45 | 000,000,000 | ---D | M] -- C:\6c12b56914ad9edd3d66c3c971
[2012/09/29 11:13:51 | 000,000,000 | ---D | M] -- C:\947794919e981855f0c610ffa6
[2012/10/11 10:44:20 | 000,000,000 | ---D | M] -- C:\b96a8c98bafd01225dbe
[2009/07/24 21:22:28 | 000,000,000 | ---D | M] -- C:\Boot
[2012/10/18 15:58:18 | 000,000,000 | ---D | M] -- C:\CAT-Logs
[2012/01/02 17:03:02 | 000,000,000 | ---D | M] -- C:\ComboFix
[2013/05/29 00:10:51 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2013/03/17 16:49:20 | 000,000,000 | ---D | M] -- C:\Crash
[2012/07/21 21:47:10 | 000,000,000 | ---D | M] -- C:\d68aa9d2ddcaf83f2b850cb507737d
[2012/05/13 22:55:54 | 000,000,000 | ---D | M] -- C:\Diablo
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012/01/12 20:30:55 | 000,000,000 | ---D | M] -- C:\Down
[2013/04/10 19:16:25 | 000,000,000 | ---D | M] -- C:\Download
[2013/02/01 16:39:02 | 000,000,000 | ---D | M] -- C:\Downloads
[2012/10/17 11:20:31 | 000,000,000 | ---D | M] -- C:\e3c78826a1340d24750f7525
[2012/07/04 17:24:23 | 000,000,000 | ---D | M] -- C:\fa994bcf1c9d1441309202
[2012/06/01 19:08:13 | 000,000,000 | ---D | M] -- C:\FALCOM
[2011/09/09 09:42:39 | 000,000,000 | ---D | M] -- C:\Firefox
[2013/04/13 21:54:06 | 000,000,000 | ---D | M] -- C:\games
[2013/05/26 23:16:59 | 000,000,000 | ---D | M] -- C:\GOG Games
[2013/04/05 18:37:49 | 000,000,000 | ---D | M] -- C:\gPotato.eu
[2013/05/10 01:00:11 | 000,000,000 | ---D | M] -- C:\gravity
[2010/11/03 02:42:29 | 000,000,000 | R--D | M] -- C:\hp
[2011/09/09 10:20:05 | 000,000,000 | ---D | M] -- C:\Intel
[2012/08/08 00:38:09 | 000,000,000 | ---D | M] -- C:\Megaman Day in the Limelight 2 V1.0
[2012/09/19 22:56:31 | 000,000,000 | ---D | M] -- C:\Nouveau dossier
[2009/07/14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/07/07 18:52:27 | 000,000,000 | ---D | M] -- C:\Pokemon Twilight
[2013/03/14 01:02:30 | 000,000,000 | R--D | M] -- C:\Program Files
[2013/06/03 15:03:27 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013/06/03 15:03:26 | 000,000,000 | ---D | M] -- C:\ProgramData
[2012/07/26 15:26:09 | 000,000,000 | ---D | M] -- C:\Programme
[2012/01/17 22:07:42 | 000,000,000 | ---D | M] -- C:\Programs Files
[2012/01/02 17:03:02 | 000,000,000 | ---D | M] -- C:\Qoobox
[2012/11/06 22:39:45 | 000,000,000 | ---D | M] -- C:\Quake
[2013/05/04 00:42:26 | 000,000,000 | ---D | M] -- C:\ragnarok
[2009/07/24 20:32:39 | 000,000,000 | ---D | M] -- C:\Recovery
[2012/06/01 19:13:23 | 000,000,000 | ---D | M] -- C:\RELEASE
[2011/11/29 23:52:11 | 000,000,000 | ---D | M] -- C:\SAVE
[2012/08/22 14:11:47 | 000,000,000 | ---D | M] -- C:\SIERRA
[2012/01/06 18:03:14 | 000,000,000 | ---D | M] -- C:\StealthBastard
[2013/01/07 18:57:36 | 000,000,000 | ---D | M] -- C:\SW
[2011/09/09 09:31:00 | 000,000,000 | ---D | M] -- C:\swsetup
[2013/06/05 10:21:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011/09/09 01:15:49 | 000,000,000 | ---D | M] -- C:\SYSTEM.SAV
[2012/10/12 18:33:21 | 000,000,000 | ---D | M] -- C:\Team17
[2013/04/06 17:32:48 | 000,000,000 | ---D | M] -- C:\TEMP
[2013/04/10 17:37:53 | 000,000,000 | ---D | M] -- C:\tmpDownload
[2013/04/26 11:39:46 | 000,000,000 | R--D | M] -- C:\Users
[2013/05/22 23:15:56 | 000,000,000 | ---D | M] -- C:\Windows
[2013/04/14 14:24:58 | 000,000,000 | ---D | M] -- C:\windows7
[2012/12/21 04:19:26 | 000,000,000 | ---D | M] -- C:\YoutubeMusicDownloader
 
[color=#A23BEC]< %systemdrive%\*.exe  >[/color]
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2010/09/12 17:46:52 | 000,105,472 | ---- | M] (zouzzz) -- C:\PS3UPDAT.PUP Version.exe
[2011/06/19 13:50:24 | 000,227,840 | ---- | M] () -- C:\xdelta.exe
 
[color=#A23BEC]< %programfiles%\*.  >[/color]
[2011/09/10 17:41:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
[2013/02/18 16:50:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activision
[2012/04/08 02:24:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2013/04/03 16:44:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2012/01/17 20:03:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Alaplaya
[2012/06/21 12:40:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Alcohol Soft
[2013/02/12 00:02:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Anodyne
[2011/12/04 19:20:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ARC SYSTEM WORKS
[2012/03/30 23:30:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ARES - Extinction Agenda
[2012/11/20 00:57:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASCII
[2012/09/16 02:14:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Atari
[2012/12/07 19:37:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVWW
[2011/12/30 17:41:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bastion
[2012/10/13 15:32:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Beat Hazard Ultra
[2013/02/18 16:26:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bethesda Softworks
[2012/07/22 22:05:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bit Trip Runner VnM
[2011/09/09 01:51:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BitTorrent
[2012/01/13 12:00:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Blocks That Matter
[2013/04/16 23:51:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\blueMSX
[2012/07/23 13:48:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Braid
[2013/01/26 00:21:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Capcom
[2012/06/12 00:45:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\capy
[2012/09/27 02:07:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Castle Crashers
[2011/11/12 02:25:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cave Story (Français)
[2012/07/18 01:27:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cave Story Deluxe
[2013/04/17 16:01:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cave Story+
[2012/03/01 18:17:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CDtool
[2013/01/24 18:57:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ClaDun x2
[2012/08/26 00:34:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Comical
[2013/05/21 20:50:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/01/15 12:22:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ControlMK
[2012/09/10 13:17:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyanide
[2010/11/03 02:13:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2013/02/06 00:18:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Pro
[2012/06/12 19:04:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Diablo II
[2012/03/25 00:55:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\directx
[2013/03/12 01:09:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2013/04/25 20:17:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Don’t Starve
[2013/05/08 17:05:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DOSBox-0.74
[2013/05/26 14:19:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dragon's Lair
[2012/01/01 13:19:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Driver-Soft
[2013/03/27 13:41:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Duke Nukem 3D Megaton Edition
[2012/05/04 21:32:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EA
[2010/11/03 02:30:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EasyBits For Kids
[2012/06/07 20:48:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Edelweiss
[2012/10/26 21:55:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Eidos
[2013/02/18 00:32:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Eidos Interactive
[2013/03/20 00:44:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2013/02/17 01:07:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Empress
[2012/11/22 16:50:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Enterbrain
[2013/04/04 23:01:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Evoland
[2012/08/20 18:02:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Final Fantasy VII
[2012/10/26 21:56:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fox
[2013/01/09 02:43:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FTL
[2013/03/18 16:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Gameforge4D
[2012/08/07 12:46:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Games
[2011/10/15 17:33:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GlobFX Technologies
[2013/05/06 01:14:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GOG.com
[2013/03/23 22:52:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2012/09/18 16:46:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Half Life 2
[2012/02/23 11:53:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2010/11/03 02:07:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hp
[2010/11/03 02:34:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2012/11/25 19:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ID Software
[2013/04/06 03:43:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/12/30 13:29:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2013/05/16 03:11:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/08/02 20:32:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intrusion 2
[2011/12/26 02:31:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Jamestown
[2013/04/17 02:15:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/11/01 00:51:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/11/13 20:06:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KOEI
[2013/04/09 03:29:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Konami
[2013/02/27 19:04:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Legend of Grimrock
[2012/05/26 20:24:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LibUSB-Win32-0.1.10.1
[2011/12/31 12:31:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LIMBO
[2013/04/04 17:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LucasArts
[2013/04/17 21:07:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lucasarts Collection
[2012/04/22 22:40:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Luxor Evolved
[2012/10/29 20:26:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mark of the Ninja
[2012/11/04 18:02:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mavericks
[2012/11/04 18:03:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mavericks 2
[2012/11/04 18:05:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mavericks 3 - Zero's Revenge
[2012/11/04 17:58:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mavericks Classics Collection
[2012/09/07 18:54:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McPixel
[2013/03/01 17:07:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mega Man Revolution
[2012/11/09 14:54:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MegaDudes
[2012/03/31 02:19:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MegamanDL2 v0.6
[2013/03/15 14:17:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Metal Gear Solid
[2012/03/01 20:46:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Metroid PC
[2012/04/15 18:10:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2013/02/02 23:58:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Chart Controls
[2012/10/26 21:58:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games
[2012/07/03 17:11:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/01/02 01:28:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft LifeChat
[2010/11/03 02:08:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2013/02/20 01:03:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2013/03/14 01:02:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/09/09 01:48:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/11/19 16:18:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft XNA
[2012/10/03 19:17:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2013/05/20 12:28:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Midway Home Entertainment
[2013/02/18 16:56:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mmvsgng
[2013/02/18 16:57:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mmvsmetroid
[2013/04/04 16:16:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mojang
[2013/05/03 02:30:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/09/11 08:37:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2012/01/01 13:08:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\My Drivers
[2012/08/22 16:57:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NIGORO
[2013/02/24 17:37:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\No Time To Explain
[2010/11/03 02:40:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton Internet Security
[2010/11/03 02:39:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NortonInstaller
[2013/04/03 16:44:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/04/04 14:27:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OGPlanet
[2011/09/09 01:12:59 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2013/04/03 22:19:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenAL
[2012/10/07 18:41:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
[2012/06/28 23:07:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Oracle
[2012/02/05 02:40:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2010/11/03 02:04:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDF Complete
[2013/04/15 02:32:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDoD
[2011/11/12 14:45:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoFiltre
[2010/11/03 02:21:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PictureMover
[2012/08/12 11:28:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Platinum Hide IP 2012 v3.1.9.8 Final Full
[2013/01/07 18:54:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pokemon Mystery Gift Editor
[2013/03/26 19:03:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PopCap Games
[2011/12/09 21:39:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Postal2
[2011/12/09 21:39:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Postal2STP
[2011/12/23 17:27:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Project Black Sun
[2013/02/01 23:23:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Project64 1.6
[2013/04/11 19:28:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Project64 2.0
[2012/05/19 23:47:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\psx emulation cheater
[2013/01/07 18:51:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\R.G. Catalyst
[2013/05/22 23:15:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Raiden Legacy
[2012/01/15 13:18:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2012/10/10 12:00:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Retro city Rampage
[2012/11/10 13:21:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Retro City Rampage™
[2013/02/24 21:41:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Rockstar Games
[2013/03/16 21:39:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Runic Games
[2013/04/02 19:47:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Secret Identity Studios
[2012/01/05 18:26:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Security Task Manager
[2011/09/24 15:56:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Serious Sam 2
[2011/12/26 03:37:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Serious Sam HD - The Second Encounter
[2013/05/14 16:12:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Serious Sam Kamikaze Attack!
[2012/12/21 20:58:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Shadow Of The Game
[2012/08/22 14:11:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sierra On-Line
[2013/03/15 14:20:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SILLYSLARDY
[2012/10/28 17:53:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Skulltag
[2013/05/19 21:08:07 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2012/10/16 21:48:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Smart PC Solutions
[2012/09/19 22:51:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Smart Projects
[2012/10/23 22:59:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Smith Micro
[2012/02/23 12:46:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\softendo.com
[2011/10/22 21:25:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\solarus
[2011/09/09 12:57:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013/02/06 13:44:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Square Soft, Inc
[2013/05/29 18:49:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2013/02/21 18:29:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Super House of Dead Ninjas
[2010/11/03 02:21:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec
[2011/12/30 13:23:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/07/23 00:41:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Team Meat
[2011/10/13 18:31:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Team17
[2012/09/30 12:24:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Teletrooper
[2010/11/03 02:04:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2012/10/26 22:00:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\THQ
[2012/09/11 22:08:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\To the Moon
[2013/01/21 01:24:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Torchlight II
[2013/03/27 22:49:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Totally Tiny Arcade
[2013/01/07 18:57:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubi Soft
[2013/04/06 03:43:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubisoft
[2013/02/06 00:35:43 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2013/06/01 22:10:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Unproductive Fun Time
[2013/03/07 17:27:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Valley2
[2012/12/18 01:47:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VDownloader
[2011/09/27 20:15:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2012/01/13 01:23:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Voxatron
[2012/10/27 22:21:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VS Revo Group
[2012/06/05 01:42:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VVVVVV
[2011/11/13 18:56:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Warcraft III
[2012/08/21 21:40:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Waves
[2011/09/11 00:55:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/05/17 12:26:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/09/11 08:23:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/09/11 08:23:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/09/11 08:23:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/09/11 08:23:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/09/11 08:23:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2012/01/14 21:56:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\winLAME
[2011/09/11 00:18:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2012/09/18 19:44:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wolfenstein 3D
[2012/09/07 19:09:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wooden Sensey
[2013/05/24 12:55:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\World of Warcraft
[2012/01/15 12:15:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\XBCD+
[2013/03/10 20:42:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ys Chronicles Plus I
[2013/03/15 13:48:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ys Chronicles Plus II
[2013/04/03 19:37:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yu-Gi-Oh Virtual Battle 5
[2011/11/03 19:08:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ZC2.10
[2012/07/08 19:17:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Zelda Mystery of Solarus DX
[2011/12/12 17:31:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Zelda Return of the Hylian
[2012/11/01 19:16:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Zombies
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2008/06/06 23:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2010/11/03 02:28:06 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/11/03 02:31:43 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/11/03 02:28:06 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/11/03 02:25:00 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/03 02:31:43 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/11/03 02:25:00 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/11/03 02:31:43 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/11/03 02:25:00 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/11/03 02:31:43 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/11/03 02:28:06 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/11/03 02:25:00 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/11/03 02:28:06 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/11/03 02:31:43 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/11/03 02:31:43 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:22446EB0
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:6020C786

< End of report >