Document format: text/plain

Preview

OTL logfile created on: 23/03/2015 16:21:10 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zycx\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

4,00 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 69,91% Memory free
8,00 Gb Paging File | 5,91 Gb Available in Paging File | 73,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 526,43 Gb Free Space | 56,52% Space Free | Partition Type: NTFS
Drive F: | 9,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ZYCX-PC | User Name: Zycx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found
PRC - C:\Users\Zycx\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (SysTool PasSame LIMITED)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\XTab\HPNotify.exe (XTab system)
PRC - C:\Program Files (x86)\XTab\ProtectService.exe (XTab system)
PRC - C:\Program Files (x86)\XTab\CmdShell.exe (SearchProtect)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll ()
MOD - C:\Program Files (x86)\SplitmediaLabs\XSplit\swresample-0.dll ()
MOD - C:\Program Files (x86)\SplitmediaLabs\XSplit\avformat-54.dll ()
MOD - C:\Program Files (x86)\SplitmediaLabs\XSplit\avutil-52.dll ()
MOD - C:\Program Files (x86)\SplitmediaLabs\XSplit\swscale-2.dll ()
MOD - C:\Program Files (x86)\SplitmediaLabs\XSplit\avcodec-54.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (Disc Soft Lite Bus Service) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Disc Soft Ltd)
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:[b]64bit:[/b] - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:[b]64bit:[/b] - (AvastVBoxSvc) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Avast Software)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WindowsMangerProtect) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (SysTool PasSame LIMITED)
SRV - (IHProtect Service) -- C:\Program Files (x86)\XTab\ProtectService.exe (XTab system)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:[b]64bit:[/b] - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:[b]64bit:[/b] - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:[b]64bit:[/b] - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:[b]64bit:[/b] - (VBoxAswDrv) -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys (Avast Software)
DRV:[b]64bit:[/b] - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RTL8192cu) -- C:\Windows\SysNative\drivers\rtl8192cu.sys (Realtek Semiconductor Corporation )
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (Alpham1) -- C:\Windows\SysNative\drivers\Alpham164.sys (Ideazon Corporation)
DRV:[b]64bit:[/b] - (Alpham2) -- C:\Windows\SysNative\drivers\Alpham264.sys (Ideazon Corporation)
DRV:[b]64bit:[/b] - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1426512706&from=smt&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J258285582855&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1426512706&from=smt&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J258285582855&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.istartsurf.com/web/?type=dspp&ts=1426512737&from=smt&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J258285582855&q={searchTerms}
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3D F6 2C C8 C3 6A CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J258285582855&ts=1426512748&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J258285582855&ts=1426512748&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.istartsurf.com/web/?type=dspp&ts=1426512737&from=smt&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J258285582855&q={searchTerms}
IE - HKCU\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J258285582855&ts=1426512748&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/01/27 22:45:59 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Zycx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.12_0\
CHR - Extension: No name found = C:\Users\Zycx\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Zycx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Zycx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Users\Zycx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\Zycx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.224.172 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{281FA535-8255-4903-9855-9F741F257821}: DhcpNameServer = 212.76.224.172 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{281FA535-8255-4903-9855-9F741F257821}: NameServer = 89.2.0.1,89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{309B440A-A104-47E6-99EE-921450559A64}: DhcpNameServer = 212.76.224.172 89.2.0.1 89.2.0.2
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/12/25 19:50:24 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999/12/12 00:00:00 | 000,000,069 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{1eee298e-cbd3-11e4-9eec-14dae9e2ae19}\Shell - "" = AutoRun
O33 - MountPoints2\{1eee298e-cbd3-11e4-9eec-14dae9e2ae19}\Shell\AutoRun\command - "" = F:\setup.exe -- [1999/12/12 00:00:00 | 005,897,509 | R--- | M] ( )
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe -- [1999/12/12 00:00:00 | 005,897,509 | R--- | M] ( )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/03/23 13:18:36 | 000,000,000 | ---D | C] -- C:\Users\Zycx\AppData\Roaming\Enigma Software Group
[2015/03/18 22:26:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015/03/17 13:21:04 | 000,000,000 | ---D | C] -- C:\Users\Zycx\AppData\Local\BANDAI NAMCO Games
[2015/03/17 13:21:03 | 000,000,000 | ---D | C] -- C:\Users\Zycx\AppData\Roaming\Steam
[2015/03/17 13:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonball Xenoverse
[2015/03/17 13:00:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragonball Xenoverse
[2015/03/16 14:41:20 | 000,000,000 | ---D | C] -- C:\Users\Zycx\Documents\Criterion Games
[2015/03/16 14:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed(TM) Most Wanted
[2015/03/16 14:37:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Need for Speed(TM) Most Wanted
[2015/03/16 14:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\IHProtectUpDate
[2015/03/16 14:33:17 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2015/03/16 14:33:17 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2015/03/16 14:33:16 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2015/03/16 14:33:14 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2015/03/16 14:33:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2015/03/16 14:33:08 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2015/03/16 14:32:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XTab
[2015/03/16 14:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2015/03/16 14:27:41 | 000,030,352 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys
[2015/03/16 14:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2015/03/16 14:27:38 | 000,000,000 | ---D | C] -- C:\Users\Zycx\AppData\Roaming\DAEMON Tools Lite
[2015/03/16 14:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2015/03/16 14:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2015/03/16 14:23:26 | 000,000,000 | ---D | C] -- C:\Users\Zycx\AppData\Roaming\MotioninJoy
[2015/03/16 14:22:36 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2015/03/16 14:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2015/03/16 14:03:32 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2015/03/16 14:03:32 | 000,074,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xusb21.sys
[2015/03/16 14:03:31 | 000,121,416 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2015/03/16 14:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2015/03/16 14:02:53 | 000,000,000 | ---D | C] -- C:\Users\Zycx\Documents\Mannette ps3
[2015/03/14 14:49:03 | 000,000,000 | ---D | C] -- C:\Users\Zycx\Documents\Heroes of the Storm
[2015/03/14 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
[2015/03/14 13:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Heroes of the Storm
[2015/03/11 09:47:59 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/03/11 09:47:59 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/03/11 09:47:59 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/03/11 09:47:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/03/11 09:47:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/03/11 09:47:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/03/11 09:47:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/03/11 09:47:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/03/11 09:47:57 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015/03/11 09:47:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015/03/11 09:47:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2015/03/11 09:47:51 | 005,554,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/03/11 09:47:51 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2015/03/11 09:47:50 | 011,411,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2015/03/11 09:47:49 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015/03/11 09:47:48 | 003,973,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/03/11 09:47:47 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/03/11 09:47:46 | 000,616,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2015/03/11 09:47:45 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2015/03/11 09:47:44 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2015/03/11 09:47:43 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2015/03/11 09:47:42 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2015/03/11 09:47:41 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2015/03/11 09:47:41 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2015/03/11 09:47:41 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2015/03/11 09:47:40 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2015/03/11 09:47:40 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2015/03/11 09:47:40 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2015/03/11 09:47:40 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2015/03/11 09:47:39 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2015/03/11 09:47:39 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2015/03/11 09:47:39 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2015/03/11 09:47:39 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015/03/11 09:47:38 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2015/03/11 09:47:38 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/03/11 09:47:38 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015/03/11 09:47:37 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/03/11 09:47:36 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2015/03/11 09:47:36 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2015/03/11 09:47:35 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2015/03/11 09:47:35 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2015/03/11 09:47:35 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2015/03/11 09:47:35 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2015/03/11 09:47:35 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2015/03/11 09:47:35 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2015/03/11 09:47:35 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2015/03/11 09:47:34 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2015/03/11 09:47:34 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2015/03/11 09:47:34 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2015/03/11 09:47:33 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2015/03/11 09:47:31 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2015/03/11 09:47:31 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2015/03/11 09:47:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2015/03/11 09:47:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2015/03/11 09:47:30 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2015/03/11 09:47:30 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/03/11 09:47:30 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2015/03/11 09:47:29 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2015/03/11 09:47:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2015/03/11 09:47:29 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2015/03/11 09:47:29 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2015/03/11 09:47:29 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2015/03/11 09:47:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcawrk.exe
[2015/03/11 09:47:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2015/03/11 09:47:28 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2015/03/11 09:47:28 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2015/03/11 09:47:28 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2015/03/11 09:47:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/03/11 09:47:28 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/03/11 09:47:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2015/03/11 09:47:28 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2015/03/11 09:47:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2015/03/11 09:47:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2015/03/11 09:47:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2015/03/11 09:47:24 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2015/03/11 09:47:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2015/03/11 09:47:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/03/11 09:47:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2015/03/11 09:47:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2015/03/11 09:47:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2015/03/11 09:47:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2015/03/11 09:47:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/03/11 09:47:21 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2015/03/11 09:47:21 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2015/03/11 09:47:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2015/03/11 09:47:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2015/03/11 09:46:50 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2015/03/11 09:46:50 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2015/03/11 09:46:44 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015/03/11 09:46:42 | 001,067,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2015/03/11 09:46:39 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/03/11 09:46:38 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/03/11 09:46:37 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/03/11 09:46:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/03/11 09:46:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/03/11 09:46:37 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/03/11 09:46:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/03/11 09:46:36 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/03/11 09:46:36 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/03/11 09:46:36 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/03/11 09:46:35 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/03/11 09:46:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/03/11 09:46:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/03/11 09:46:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/03/11 09:46:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/03/11 09:46:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/03/11 09:46:26 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/03/11 09:46:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/03/11 09:46:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/03/11 09:46:25 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/03/11 09:46:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/03/11 09:46:24 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/03/11 09:46:24 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/03/11 09:46:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/03/11 09:46:21 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/03/11 09:46:21 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/03/11 09:46:20 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/03/11 09:46:20 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/03/11 09:46:20 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/03/11 09:46:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/03/11 09:46:19 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/03/11 09:46:19 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/03/11 09:46:19 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/03/11 09:46:18 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/03/11 09:46:18 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/03/11 09:46:17 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/03/11 09:46:16 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/03/11 09:46:15 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/03/11 09:46:14 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/03/11 09:46:13 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/03/11 09:46:13 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/03/11 09:46:12 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/03/11 09:46:12 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/03/11 09:46:12 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/03/11 09:46:11 | 006,035,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/03/11 09:46:11 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/03/11 09:46:10 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/03/11 09:46:09 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/03/11 09:46:06 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2015/03/11 09:46:06 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2015/02/23 21:51:31 | 000,000,000 | ---D | C] -- C:\Users\Zycx\Documents\Beatbox

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/03/23 16:23:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/03/23 16:21:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/03/23 16:16:30 | 000,019,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/03/23 16:16:30 | 000,019,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/03/23 15:49:18 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/03/23 15:49:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/03/23 14:30:02 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/03/23 13:11:35 | 000,000,494 | -H-- | M] () -- C:\Windows\tasks\PremiumAssist-S-4139837680.job
[2015/03/23 13:11:11 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2015/03/21 15:03:29 | 000,001,530 | ---- | M] () -- C:\Users\Zycx\Desktop\DBXV - Raccourci.lnk
[2015/03/21 11:30:55 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/03/19 12:00:01 | 538,245,983 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015/03/17 13:08:41 | 000,001,071 | ---- | M] () -- C:\Users\Zycx\Desktop\Dragonball Xenoverse.lnk
[2015/03/16 14:55:30 | 000,001,378 | ---- | M] () -- C:\Users\Zycx\Desktop\Need for Speed(TM) Most Wanted - Raccourci.lnk
[2015/03/16 14:41:22 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed - Most Wanted.lnk
[2015/03/16 14:36:11 | 000,002,281 | ---- | M] () -- C:\Users\Zycx\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/03/16 14:36:11 | 000,001,457 | ---- | M] () -- C:\Users\Zycx\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/03/16 14:27:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2015/03/16 14:27:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2015/03/16 14:27:41 | 000,030,352 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys
[2015/03/16 14:27:41 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2015/03/16 14:22:41 | 000,000,947 | ---- | M] () -- C:\Users\Zycx\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2015/03/16 14:22:41 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2015/03/14 13:54:00 | 000,001,199 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of the Storm.lnk
[2015/03/12 09:32:43 | 000,268,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/03/06 06:42:35 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/03/06 06:42:35 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/03/06 06:42:33 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/03/06 06:42:29 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/03/06 06:42:27 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/03/06 06:41:31 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/03/06 06:39:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/03/06 06:38:57 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/03/06 06:36:56 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/03/06 06:09:31 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/03/06 06:07:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/03/06 06:07:43 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/03/06 06:06:20 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/02/23 20:34:46 | 001,669,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/02/23 20:34:46 | 000,747,644 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/02/23 20:34:46 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/02/23 20:34:46 | 000,150,168 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/02/23 20:34:46 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/03/23 16:23:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/03/21 15:03:29 | 000,001,530 | ---- | C] () -- C:\Users\Zycx\Desktop\DBXV - Raccourci.lnk
[2015/03/18 22:26:52 | 538,245,983 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2015/03/17 13:08:41 | 000,001,071 | ---- | C] () -- C:\Users\Zycx\Desktop\Dragonball Xenoverse.lnk
[2015/03/16 14:55:30 | 000,001,378 | ---- | C] () -- C:\Users\Zycx\Desktop\Need for Speed(TM) Most Wanted - Raccourci.lnk
[2015/03/16 14:41:21 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed - Most Wanted.lnk
[2015/03/16 14:27:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2015/03/16 14:27:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2015/03/16 14:27:41 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2015/03/16 14:22:41 | 000,000,947 | ---- | C] () -- C:\Users\Zycx\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2015/03/16 14:22:41 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2015/03/14 13:54:00 | 000,001,199 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of the Storm.lnk
[2014/12/13 20:22:41 | 000,000,004 | ---- | C] () -- C:\Users\Zycx\AppData\Roaming\appdataFr2.bin
[2014/07/11 21:38:31 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2014/05/05 18:44:19 | 001,643,716 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 06:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 06:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
Invalid Environment Variable: alluserprofile
Invalid Environment Variable: alluserprofile

[color=#A23BEC]< %appdata%\*. >[/color]
[2014/10/04 09:16:16 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Acreon
[2014/08/18 02:54:47 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Adobe
[2014/12/19 15:51:01 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\AVAST Software
[2015/01/10 16:50:49 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Battle.net
[2015/03/16 14:31:55 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\DAEMON Tools Lite
[2014/12/19 15:54:47 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Dropbox
[2015/03/23 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Enigma Software Group
[2014/09/15 01:26:26 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Guild Wars 2
[2014/05/05 18:36:37 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Identities
[2014/05/05 21:47:23 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\LolClient
[2014/05/05 21:47:21 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Macromedia
[2009/07/14 16:35:05 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Media Center Programs
[2015/01/14 19:09:30 | 000,000,000 | --SD | M] -- C:\Users\Zycx\AppData\Roaming\Microsoft
[2015/03/16 14:23:26 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\MotioninJoy
[2015/03/16 01:26:51 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Mumble
[2014/05/05 20:15:07 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\NVIDIA
[2014/05/05 20:13:17 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Riot Games
[2015/03/06 20:25:46 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Skype
[2014/11/28 22:43:16 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\SkypEmoticons
[2014/06/14 19:42:06 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs
[2015/03/17 13:21:03 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Steam
[2014/10/08 22:40:46 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Subversion
[2014/06/11 09:05:20 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Systweak
[2015/03/17 23:52:50 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\TS3Client
[2015/03/20 01:39:36 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\uTorrent
[2014/07/29 22:40:44 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\Windows Live Writer
[2014/06/10 14:42:08 | 000,000,000 | ---D | M] -- C:\Users\Zycx\AppData\Roaming\WinRAR

[color=#A23BEC]< %appdata%\*.exe /s >[/color]
[2014/10/04 09:16:19 | 000,272,384 | ---- | M] () -- C:\Users\Zycx\AppData\Roaming\Acreon\WowMatrix\Modules\curl.exe
[2015/01/14 19:09:30 | 006,337,536 | R--- | M] (Bossland GmbH) -- C:\Users\Zycx\AppData\Roaming\Microsoft\Installer\{6D8FB164-2A7D-43B2-A59E-E16BF568ACB0}\DesktopIcon.exe
[2014/11/28 20:25:19 | 005,679,008 | ---- | M] (SkypEmoticons) -- C:\Users\Zycx\AppData\Roaming\SkypEmoticons\SE.exe
[2014/03/12 16:50:28 | 000,386,888 | ---- | M] (SplitmediaLabs Limited) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\encprobe.exe
[2014/01/03 14:13:42 | 000,148,992 | ---- | M] (SplitmediaLabs Limited) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\VHMultiWriterExt.exe
[2014/03/12 16:50:28 | 000,412,488 | ---- | M] (SplitmediaLabs Limited) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\VHMultiWriterExt2.exe
[2014/03/12 16:50:28 | 001,792,328 | ---- | M] (SplitMediaLabs Limited) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\VHScrCapDlg32.exe
[2014/03/12 16:50:28 | 000,043,848 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XDS.exe
[2014/03/12 16:50:28 | 002,660,680 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XSplit.Core.exe
[2014/03/12 16:50:28 | 000,111,944 | ---- | M] (SplitmediaLabs Limited) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XSplitBroadcasterSrc.exe
[2014/03/12 16:50:28 | 000,061,768 | ---- | M] (SplitmediaLabs Limited) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XSplitCleanUp.exe
[2014/03/12 16:50:28 | 000,050,504 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XSplitRegSrc.exe
[2014/03/12 16:55:08 | 000,039,448 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XSplitRegSrc40.exe
[2014/03/12 16:50:28 | 000,040,776 | ---- | M] () -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XSplitUtils.exe
[2014/03/12 16:50:28 | 000,185,672 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\XSplit_Plugin_Installer.exe
[2014/03/12 16:55:02 | 000,330,264 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\xsplit_updater.exe
[2014/03/12 16:55:05 | 002,663,448 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\3GB-aware\XSplit.Core.exe
[2014/03/12 16:50:28 | 000,055,624 | ---- | M] (SplitMediaLabs) -- C:\Users\Zycx\AppData\Roaming\SplitmediaLabs\XSplit\install\BAA9DC7\x64\XGS64.exe
[2014/05/22 17:13:42 | 000,644,616 | ---- | M] (Systweak Software ) -- C:\Users\Zycx\AppData\Roaming\Systweak\ssd\SSDPTstub.exe
[2014/11/23 19:17:36 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zycx\AppData\Roaming\uTorrent\uTorrent.exe
[2014/08/18 02:11:46 | 001,942,096 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zycx\AppData\Roaming\uTorrent\updates\3.4.2_33023.exe
[2014/11/13 00:04:19 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zycx\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe
[2014/11/23 19:17:36 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zycx\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe

[color=#A23BEC]< %systemdrive%\*. >[/color]
[2014/07/26 12:19:30 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014/05/09 09:46:41 | 000,000,000 | ---D | M] -- C:\b60d8f80b4f328b462d4e646d49f31
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2014/10/19 17:05:56 | 000,000,000 | ---D | M] -- C:\MATS
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2015/03/23 13:28:02 | 000,000,000 | R--D | M] -- C:\Program Files
[2015/03/17 13:00:03 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2015/03/16 14:33:23 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2014/05/05 18:35:51 | 000,000,000 | -HSD | M] -- C:\Recovery
[2014/06/30 17:49:27 | 000,000,000 | ---D | M] -- C:\Riot Games
[2015/03/23 16:23:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2014/05/05 18:36:00 | 000,000,000 | R--D | M] -- C:\Users
[2015/03/19 12:00:01 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %systemdrive%\*.exe >[/color]

[color=#A23BEC]< %programfiles%\*. >[/color]
[2014/08/18 02:24:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2014/09/29 14:17:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2015/03/21 23:24:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battle.net
[2014/07/11 21:38:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Belkin
[2014/12/25 19:40:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BuyNsave
[2014/10/08 22:37:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2014/12/19 15:53:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DeltaFix
[2015/03/21 15:03:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dragonball Xenoverse
[2014/08/25 09:06:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glyph
[2014/12/25 19:51:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2014/09/21 23:32:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Guild Wars 2
[2015/03/19 19:10:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hearthstone
[2015/03/14 22:05:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Heroes of the Storm
[2014/07/11 21:38:27 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2015/03/12 09:30:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2014/10/16 00:10:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/07/14 20:12:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft OneDrive
[2014/07/14 20:21:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/05/05 18:43:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2014/08/21 21:03:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mumble
[2015/03/16 14:41:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Need for Speed(TM) Most Wanted
[2014/12/09 17:54:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/05/05 20:13:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2014/10/02 16:03:30 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2014/06/14 19:44:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SplitmediaLabs
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2014/05/12 08:34:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2014/07/14 20:21:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2014/05/08 14:06:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2015/03/12 09:30:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2014/05/08 14:06:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2014/05/08 14:06:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2014/05/08 14:06:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2015/02/28 09:05:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\World of Warcraft
[2015/03/16 14:33:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\XTab
[2014/12/25 19:40:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YoutubeAdBlocke

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/11/13 00:11:18 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=87A00ED70FEC36D0DD968E5058C29AA1 -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\ProgramData\Microsoft\Windows\SXS\64\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Users\All Users\Microsoft\Windows\SXS\64\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >
