cjoint

Document format: text/plain

Preview

OTL logfile created on: 09/05/2014 12:46:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeremy.Jeremy-PC\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,87 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 68,02% Memory free
7,73 Gb Paging File | 6,36 Gb Available in Paging File | 82,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 275,27 Gb Free Space | 59,99% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 76,16 Gb Free Space | 16,60% Space Free | Partition Type: NTFS
Drive E: | 5,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JEREMY-PC | User Name: Jeremy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Jeremy.Jeremy-PC\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\webget\updatewebget.exe ()
PRC - C:\Program Files (x86)\webget\bin\utilwebget.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\OEM\USBDECTION\USBS3S4Detection.exe ()
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (Update webget) -- C:\Program Files (x86)\webget\updatewebget.exe ()
SRV - (Util webget) -- C:\Program Files (x86)\webget\bin\utilwebget.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (USBS3S4Detection) -- C:\OEM\USBDECTION\USBS3S4Detection.exe ()
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) -- C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys (StdLib)
DRV:[b]64bit:[/b] - ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64) -- C:\Windows\SysNative\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys (StdLib)
DRV:[b]64bit:[/b] - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:[b]64bit:[/b] - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:[b]64bit:[/b] - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:[b]64bit:[/b] - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:[b]64bit:[/b] - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_frFR549FR549
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - prefs.js..browser.search.defaultenginename: "Mysearchdial"


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/08/12 20:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\Extensions
[2014/05/08 22:29:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\Firefox\Profiles\1vj8te77.default\Extensions
[2013/08/13 10:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\Firefox\Profiles\1vj8te77.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2013/11/20 21:08:30 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\Firefox\Profiles\1vj8te77.default\Extensions\cacaoweb@cacaoweb.org
[2014/01/18 16:34:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\Firefox\Profiles\1vj8te77.default\Extensions\staged
[2014/05/09 10:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\Firefox\Profiles\390pwdo4.default-1376384338154\extensions
[2013/11/20 21:08:30 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\Firefox\Profiles\390pwdo4.default-1376384338154\extensions\cacaoweb@cacaoweb.org
[2014/05/09 10:18:45 | 000,008,893 | ---- | M] () (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\firefox\profiles\1vj8te77.default\Extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi
[2014/05/09 10:18:48 | 000,008,893 | ---- | M] () (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\firefox\profiles\390pwdo4.default-1376384338154\extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi
[2014/05/01 10:45:00 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\firefox\profiles\390pwdo4.default-1376384338154\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/12 20:48:43 | 000,006,547 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\firefox\profiles\1vj8te77.default\searchplugins\babylon.xml
[2014/01/16 21:33:15 | 000,000,841 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\mozilla\firefox\profiles\1vj8te77.default\searchplugins\Mysearchdial.xml
[2014/05/08 22:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013/09/18 13:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/30 09:30:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (webget) - {dc264a72-fa75-4948-b881-ea8eff8e5dd2} - C:\Program Files (x86)\webget\webgetBHO.dll (webget)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [startertv_fr_10] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{278109F7-FE05-449E-A0C2-44ADD6575B42}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70640E0B-701F-4CD8-8112-45C660FE38FE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/05/07 23:05:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/11/10 15:42:24 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3d8dab9f-bf2b-11e3-a164-90fba646e560}\Shell - "" = AutoRun
O33 - MountPoints2\{3d8dab9f-bf2b-11e3-a164-90fba646e560}\Shell\AutoRun\command - "" = E:\install.exe -- [2011/06/10 23:14:22 | 000,378,880 | R--- | M] (Install.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/05/09 00:08:09 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
[2014/05/08 22:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\webget
[2014/05/08 22:24:11 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/08 22:23:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/07 22:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/05/07 22:09:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/05/07 01:02:15 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\Blizzard Entertainment
[2014/05/06 19:56:06 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/06 19:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre Souris et Claviers Microsoft
[2014/05/06 19:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/05/06 15:44:17 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/06 15:44:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/05 22:53:04 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\LogMeIn Hamachi
[2014/05/05 22:53:04 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\LogMeIn
[2014/05/05 22:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2014/05/05 22:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014/05/05 22:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014/05/04 23:09:20 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\.minecraft
[2014/05/04 23:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/04 23:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/05/04 23:08:53 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/04 23:08:49 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/04 23:08:49 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/04 23:08:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/04 23:08:48 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/04 23:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/04/27 10:54:21 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys
[2014/04/27 09:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\EmieUserList
[2014/04/27 09:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\EmieSiteList
[2014/04/27 09:21:19 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\MotioninJoy
[2014/04/27 09:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2014/04/27 09:21:01 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2014/04/27 09:21:01 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2014/04/27 09:21:01 | 000,121,416 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2014/04/27 09:21:01 | 000,074,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xusb21.sys
[2014/04/27 09:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2014/04/27 08:38:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/04/27 08:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/04/27 08:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/04/27 08:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/04/27 08:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/04/27 00:49:21 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\DarkSoulsII
[2014/04/27 00:49:13 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\Game Updater
[2014/04/26 19:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls 2
[2014/04/26 18:44:20 | 000,000,000 | ---D | C] -- C:\Games
[2014/04/26 18:43:07 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\Setup Integrity Check
[2014/04/26 15:10:41 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\LolClient
[2014/04/26 00:38:59 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014/04/26 00:38:59 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014/04/26 00:38:58 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014/04/26 00:38:28 | 000,000,000 | ---D | C] -- C:\Riot Games
[2014/04/26 00:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2014/04/26 00:34:32 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\PMB Files
[2014/04/26 00:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2014/04/26 00:34:05 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Riot Games
[2014/04/19 10:16:46 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\NVIDIA
[2014/04/17 22:42:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim
[2014/04/17 17:26:13 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\AppData\Local\Skyrim
[2014/04/17 17:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2014/04/16 08:44:18 | 000,000,000 | ---D | C] -- C:\Users\Jeremy.Jeremy-PC\Desktop\Jeux
[2014/04/15 22:36:50 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/15 22:36:50 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/15 22:36:48 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/15 22:36:44 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/15 22:36:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/04/15 22:36:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/15 22:36:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/04/15 22:36:42 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/04/15 22:36:42 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/04/15 22:36:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/04/15 22:36:41 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/15 22:36:41 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/04/15 22:36:41 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/04/15 22:36:40 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/04/15 22:36:40 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/04/15 22:36:40 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/15 22:36:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/15 22:36:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/15 22:36:40 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/04/15 22:36:38 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/15 22:36:38 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/15 22:36:38 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/04/15 22:36:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/04/15 22:36:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/04/15 22:36:37 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/04/15 22:36:37 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/04/15 22:36:34 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/04/15 22:36:33 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/04/15 22:36:30 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/11 19:24:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2014/04/09 19:16:15 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/09 19:16:15 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/09 19:16:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/09 19:16:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/09 19:16:13 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/09 19:16:12 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/09 19:16:12 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/09 19:16:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/09 19:16:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/09 19:16:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/09 19:16:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/09 19:16:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/09 19:16:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/09 19:16:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2009/11/26 19:31:51 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/05/09 12:47:43 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/05/09 12:29:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/09 12:03:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/09 09:52:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 09:52:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 09:49:23 | 001,668,788 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/09 09:49:23 | 000,747,446 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/05/09 09:49:23 | 000,654,056 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/09 09:49:23 | 000,149,970 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/05/09 09:49:23 | 000,121,928 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/09 09:47:06 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/09 09:44:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/09 09:44:39 | 3113,558,016 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/08 23:32:16 | 000,000,826 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\Desktop\CCleaner.lnk
[2014/05/08 23:00:05 | 000,107,256 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\Documents\cc_20140508_225949.reg
[2014/05/08 22:29:16 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/05/08 22:22:24 | 000,489,984 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\Desktop\cacaoweb.exe
[2014/05/07 23:05:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/05/07 16:06:16 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
[2014/05/07 11:11:00 | 000,343,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/06 19:47:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/06 19:44:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/04 23:08:41 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/04 23:08:38 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/04 23:08:38 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/04 23:08:37 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/04 23:03:42 | 001,106,756 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\Desktop\KeiNett Launcher.exe
[2014/04/29 11:29:34 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/29 11:29:34 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/27 09:36:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014/04/27 09:36:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2014/04/27 09:21:02 | 000,000,951 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2014/04/27 09:21:02 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2014/04/27 08:38:31 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/04/26 00:44:43 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2014/04/24 12:32:28 | 000,061,120 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys
[2014/04/19 11:08:58 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/19 11:08:56 | 000,001,457 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/14 04:24:46 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/04/14 04:19:37 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/05/09 12:47:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/05/08 23:32:16 | 000,000,826 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\Desktop\CCleaner.lnk
[2014/05/08 22:59:53 | 000,107,256 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\Documents\cc_20140508_225949.reg
[2014/05/07 23:05:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/05/06 19:47:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/06 19:44:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/04 23:03:38 | 001,106,756 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\Desktop\KeiNett Launcher.exe
[2014/04/27 09:36:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014/04/27 09:36:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2014/04/27 09:21:02 | 000,000,951 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2014/04/27 09:21:02 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2014/04/27 08:38:31 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/04/26 08:40:42 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/02/25 22:37:57 | 001,642,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/16 22:33:01 | 000,000,057 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\WB.CFG
[2013/09/20 18:19:29 | 000,000,577 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/08/24 11:54:07 | 000,000,008 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\DofusAppId0_3
[2013/08/13 13:45:48 | 000,000,008 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\DofusAppId0_2
[2013/08/12 23:46:32 | 000,000,129 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\D2Info0
[2013/08/12 23:46:32 | 000,000,008 | ---- | C] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\DofusAppId0_1
[2011/08/28 22:33:33 | 000,000,000 | ---- | C] () -- C:\ProgramData\619f432eec78f74c9513e149bdb88aa7_c

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
Invalid Environment Variable: alluserprofile
Invalid Environment Variable: alluserprofile

[color=#A23BEC]< %appdata%\*. >[/color]
[2014/05/05 23:00:28 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\.minecraft
[2013/10/09 21:27:17 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Adobe
[2013/08/13 13:46:08 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\AnkamaCertificates
[2013/08/12 23:46:35 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\app
[2013/12/01 21:46:21 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Apple Computer
[2013/08/12 20:48:20 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Babylon
[2014/05/08 10:00:36 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\cacaoweb
[2014/05/08 22:31:37 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\DAEMON Tools Lite
[2014/04/27 08:53:10 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\DarkSoulsII
[2013/08/12 23:46:35 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Dofus
[2013/08/13 13:45:48 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Dofus-2
[2013/08/24 11:54:07 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Dofus-3
[2014/04/05 17:30:24 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Dofus2
[2013/08/12 20:48:58 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\DVDVideoSoft
[2013/08/12 19:43:02 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Google
[2013/08/12 19:40:08 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Identities
[2013/09/20 18:13:40 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\IsolatedStorage
[2014/04/26 15:10:41 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\LolClient
[2013/08/12 20:02:12 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Macromedia
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Media Center Programs
[2014/05/07 23:08:48 | 000,000,000 | --SD | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Microsoft
[2014/04/27 09:21:19 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\MotioninJoy
[2013/08/12 20:00:51 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Mozilla
[2014/02/09 20:43:54 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Nero
[2014/04/20 10:12:31 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Notepad++
[2014/04/19 10:16:46 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\NVIDIA
[2013/08/12 20:47:55 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\OpenCandy
[2014/04/19 11:09:08 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\qone8
[2013/08/12 23:46:57 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Reg
[2013/08/12 23:46:35 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2014/04/26 00:34:16 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Riot Games
[2014/05/09 12:42:35 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Skype
[2013/09/20 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Solvusoft
[2014/04/08 18:08:08 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\SupTab
[2013/12/22 21:13:23 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\TERA
[2013/08/12 21:00:03 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\TuneUp Software
[2014/05/08 22:31:37 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\uTorrent
[2013/08/29 18:11:39 | 000,000,000 | ---D | M] -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\WinRAR

[color=#A23BEC]< %appdata%\*.exe /s >[/color]
[2014/04/09 13:30:34 | 000,489,984 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\cacaoweb\cacaoweb.exe
[2014/02/22 09:34:09 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013/07/15 19:09:12 | 000,786,416 | ---- | M] () -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\OpenCandy\824BD83E015242A0A9D219E1C7D7E63B\DeltaTB.exe
[2013/02/15 04:25:56 | 028,604,832 | ---- | M] (TuneUp Software) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\OpenCandy\EFD3841DCD76434E88B1A1E0AFA9AF01\TuneUpUtilities2013-2200324_fr-FR.exe
[2014/04/07 17:44:51 | 001,671,248 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\uTorrent\uTorrent.exe
[2014/04/07 17:44:51 | 001,671,248 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jeremy.Jeremy-PC\AppData\Roaming\uTorrent\updates\3.4.1_30768.exe

[color=#A23BEC]< %systemdrive%\*. >[/color]
[2013/08/12 19:40:03 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2014/05/08 22:24:39 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2014/05/08 09:59:38 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2014/04/26 18:44:20 | 000,000,000 | ---D | M] -- C:\Games
[2009/11/26 19:17:08 | 000,000,000 | ---D | M] -- C:\Intel
[2009/11/26 19:39:43 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013/08/13 11:03:37 | 000,000,000 | RHSD | M] -- C:\network
[2013/08/12 20:14:21 | 000,000,000 | -H-D | M] -- C:\OEM
[2009/07/14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2014/05/07 22:09:20 | 000,000,000 | R--D | M] -- C:\Program Files
[2014/05/08 22:29:09 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2014/05/08 22:24:38 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/08/12 19:37:20 | 000,000,000 | -HSD | M] -- C:\Recovery
[2014/04/26 00:38:28 | 000,000,000 | ---D | M] -- C:\Riot Games
[2011/10/18 18:57:15 | 000,000,000 | ---D | M] -- C:\SG Interactive
[2013/09/20 18:11:07 | 000,000,000 | ---D | M] -- C:\Spacekace
[2014/05/09 12:48:06 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013/08/13 01:26:21 | 000,000,000 | R--D | M] -- C:\Users
[2010/06/15 17:29:14 | 000,000,000 | ---D | M] -- C:\WebCam
[2014/05/09 09:44:48 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %systemdrive%\*.exe >[/color]

[color=#A23BEC]< %programfiles%\*. >[/color]
[2013/08/12 20:02:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer
[2014/04/20 10:11:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer GameZone
[2013/08/12 20:17:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2014/04/09 11:56:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2013/12/01 21:23:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2013/12/01 21:23:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2014/05/07 22:09:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2014/04/08 18:05:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/08/12 20:17:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dofus2
[2013/08/12 20:48:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DVDVideoSoft
[2009/11/26 19:47:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EgisTec
[2009/11/26 19:48:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EgisTec Egis Software Update
[2009/11/26 19:57:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\eSobi
[2013/08/12 20:02:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2014/04/23 19:37:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/11/26 19:24:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2014/04/16 08:38:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2014/04/27 08:38:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2014/05/04 23:08:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2014/05/05 22:52:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/08/12 19:48:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2013/08/17 11:31:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2009/11/26 19:43:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
[2014/04/03 22:13:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2014/03/15 10:22:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/08/12 19:49:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/08/12 19:55:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/08/13 01:16:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2014/04/11 19:24:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft XNA
[2013/08/14 12:22:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2014/03/30 09:30:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2013/08/16 00:36:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2009/11/26 19:52:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2009/11/26 19:38:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NewTech Infosystems
[2014/04/20 10:12:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Notepad++
[2014/04/09 11:56:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/04/26 00:34:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2014/04/08 21:54:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PAYDAY 2
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2014/03/08 00:14:02 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2014/04/08 18:27:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Southpark Stick of Truth
[2014/05/08 22:31:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2013/08/12 19:18:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2013/12/24 12:02:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TERA
[2014/04/18 23:06:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim
[2009/07/14 06:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2014/05/09 09:44:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\webget
[2013/08/15 09:48:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2013/08/12 19:50:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2013/08/12 19:48:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2013/08/14 12:08:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2013/12/12 18:33:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2013/08/14 12:08:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2013/08/14 12:08:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2013/08/14 12:08:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2013/08/29 18:11:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:B1FBBD09

< End of report >
