cjoint

Document format: text/plain

OTL logfile created on: 2016-02-06 18:17:28 - Run
OTLPE by OldTimer - Version 3.1.29.0 Folder = Y:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 30,31 Gb Total Space | 15,38 Gb Free Space | 50,75% Space Free | Partition Type: NTFS
Drive D: | 56,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 100,00 Mb Total Space | 70,35 Mb Free Space | 70,35% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 253,08 Mb Total Space | 250,65 Mb Free Space | 99,04% Space Free | Partition Type: NTFS
Drive Y: | 548,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MININT-PEYC73
Current User Name: Système
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2016-01-19 17:43:46 | 001,849,704 | ---- | M] (Oracle Corporation) [Auto] -- C:\Windows\System32\VBoxService.exe -- (VBoxService)
SRV:64bit: - [2015-08-19 09:57:32 | 007,743,472 | ---- | M] (Reimage®) [Disabled] -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe -- (ReimageRealTimeProtector)
SRV:64bit: - [2013-09-07 01:33:10 | 000,527,360 | -HS- | M] () [Disabled] -- C:\Program Files\KMSpico\Service_KMS.exe -- (Service KMSELDI)
SRV:64bit: - [2010-11-21 04:25:14 | 001,504,256 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\wbengine.exe -- (wbengine)
SRV:64bit: - [2010-11-21 04:25:14 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\FXSSVC.exe -- (Fax)
SRV:64bit: - [2010-11-21 04:24:51 | 000,232,448 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2010-11-21 04:24:51 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2010-11-21 04:24:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2010-11-21 04:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2010-11-21 04:23:56 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2010-11-21 04:23:54 | 001,137,664 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV:64bit: - [2009-07-14 02:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009-07-14 02:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009-07-14 02:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\umpo.dll -- (Power)
SRV:64bit: - [2009-07-14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV:64bit: - [2009-07-14 02:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009-07-14 02:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009-07-14 02:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009-07-14 02:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009-07-14 02:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009-07-14 02:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009-07-14 02:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009-07-14 02:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\bthserv.dll -- (bthserv)
SRV:64bit: - [2009-07-14 02:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009-07-14 02:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2016-02-06 17:16:10 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016-01-31 00:03:02 | 000,000,000 | ---D | M] [Disabled] -- C:\Program Files (x86)\Google\Desktop\Install\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\ \...\? [WARNING: C:\Program Files (x86)\Google\Desktop\Install\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\ \...\?] -- (. etadpug) Google Update Service (gupdate)
SRV - [2016-01-30 21:59:11 | 000,194,032 | ---- | M] (Google) [On_Demand] -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2016-01-30 21:57:08 | 000,154,440 | ---- | M] (Google Inc.) [On_Demand] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem) Service Google Update (gupdatem)
SRV - [2016-01-30 21:57:08 | 000,154,440 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2016-01-24 03:14:52 | 000,146,888 | ---- | M] (Mozilla Foundation) [Disabled] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016-01-12 16:24:50 | 001,048,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled] -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe -- (avgsvc)
SRV - [2015-12-18 02:09:14 | 003,267,408 | ---- | M] (Crawler Group, LLC) [Disabled] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2015-12-07 18:43:42 | 000,038,136 | ---- | M] (Panda Security, S.L.) [Disabled] -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe -- (PSUAService)
SRV - [2015-12-07 09:25:20 | 000,142,072 | ---- | M] (Panda Security, S.L.) [Disabled] -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe -- (NanoServiceMain)
SRV - [2015-06-29 22:58:28 | 000,039,368 | ---- | M] (Optimal Software s.r.o.) [Disabled] -- C:\Program Files (x86)\Accelerer PC\SpeedCheckerService.exe -- (SCService)
SRV - [2015-06-29 22:58:22 | 000,445,384 | ---- | M] (Optimal Software s.r.o.) [Disabled] -- C:\Program Files (x86)\Accelerer PC\PCSUService.exe -- (PCSUService)
SRV - [2015-04-16 09:49:43 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) [Auto] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe -- (iSafeService)
SRV - [2014-06-27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) [Disabled] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe -- (SDUpdateService)
SRV - [2014-06-24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) [Disabled] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe -- (SDScannerService)
SRV - [2014-04-25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) [Disabled] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe -- (SDWSCService)
SRV - [2011-11-29 19:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\ccSvcHst.exe -- (N360)
SRV - [2010-11-21 04:25:10 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2010-11-21 04:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009-07-14 04:20:14 | 000,000,000 | ---D | M] [On_Demand] -- C:\Windows\Vss -- (VSS)
SRV - [2009-07-14 04:20:14 | 000,000,000 | ---D | M] [On_Demand] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009-07-13 21:30:11 | 000,061,056 | ---- | M] () [On_Demand] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009-06-10 21:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2016-01-31 00:02:44 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2016-01-30 22:20:38 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | System] -- C:\Windows\System32\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2016-01-19 17:43:58 | 000,166,672 | ---- | M] (Oracle Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\VBoxGuest.sys -- (VBoxGuest)
DRV:64bit: - [2016-01-19 17:43:42 | 000,303,704 | ---- | M] (Oracle Corporation) [File_System | System] -- C:\Windows\System32\drivers\VBoxSF.sys -- (VBoxSF)
DRV:64bit: - [2016-01-19 17:43:42 | 000,130,128 | ---- | M] (Oracle Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VBoxMouse.sys -- (VBoxMouse)
DRV:64bit: - [2016-01-19 17:43:40 | 000,154,360 | ---- | M] (Oracle Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VBoxVideo.sys -- (VBoxVideo)
DRV:64bit: - [2015-12-04 10:47:57 | 000,106,232 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNStlsc.sys -- (NNSTLSC)
DRV:64bit: - [2015-12-04 10:47:56 | 000,257,784 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSStrm.sys -- (NNSSTRM)
DRV:64bit: - [2015-12-04 10:47:56 | 000,113,400 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV:64bit: - [2015-12-04 10:47:55 | 000,300,280 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSProt.sys -- (NNSPROT)
DRV:64bit: - [2015-12-04 10:47:55 | 000,170,232 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSPrv.sys -- (NNSPRV)
DRV:64bit: - [2015-12-04 10:47:54 | 000,124,152 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSPop3.sys -- (NNSPOP3)
DRV:64bit: - [2015-12-04 10:47:53 | 000,073,464 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV:64bit: - [2015-12-04 10:47:52 | 000,110,840 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSIds.sys -- (NNSIDS)
DRV:64bit: - [2015-12-04 10:47:52 | 000,103,160 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSpicc.sys -- (NNSPICC)
DRV:64bit: - [2015-12-04 10:47:51 | 000,201,464 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSHttp.sys -- (NNSHTTP)
DRV:64bit: - [2015-12-04 10:47:51 | 000,110,840 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV:64bit: - [2015-12-04 10:47:50 | 000,094,456 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSAlpc.sys -- (NNSALPC)
DRV:64bit: - [2015-12-04 04:46:55 | 000,136,952 | ---- | M] (Panda Security, S.L.) [Kernel | Auto] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2015-12-04 04:46:32 | 000,124,152 | ---- | M] (Panda Security, S.L.) [File_System | Auto] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2015-11-29 18:46:33 | 000,107,768 | ---- | M] (Panda Security, S.L.) [Kernel | Auto] -- C:\Windows\System32\drivers\PSINReg.sys -- (PSINReg)
DRV:64bit: - [2015-11-29 18:44:02 | 000,120,056 | ---- | M] (Panda Security, S.L.) [File_System | Auto] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2015-11-22 05:26:58 | 000,164,088 | ---- | M] (Panda Security, S.L.) [Kernel | Auto] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2015-11-22 05:20:42 | 000,197,880 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2015-09-10 02:55:42 | 000,067,976 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System] -- C:\Windows\System32\drivers\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV:64bit: - [2015-05-22 09:45:59 | 000,061,712 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD)
DRV:64bit: - [2015-04-27 10:10:03 | 000,048,912 | ---- | M] (Panda Security, S.L.) [Kernel | System] -- C:\Windows\System32\drivers\NNSNAHSL.sys -- (NNSNAHSL)
DRV:64bit: - [2015-04-16 09:55:45 | 000,053,568 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | On_Demand] -- C:\Windows\System32\drivers\iSafeKrnlBoot.sys -- (iSafeKrnlBoot)
DRV:64bit: - [2011-11-23 19:23:48 | 001,092,728 | R--- | M] (Symantec Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\N360x64\0600000.091\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2011-11-23 18:50:28 | 000,738,936 | R--- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\N360x64\0600000.091\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011-11-23 18:50:28 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360x64\0600000.091\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011-11-16 20:38:00 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360x64\0600000.091\SYMNETS.SYS -- (SymNetS)
DRV:64bit: - [2011-11-16 20:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360x64\0600000.091\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2011-11-04 16:59:30 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360x64\0600000.091\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2011-08-24 11:56:28 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto] -- C:\Windows\System32\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2011-08-15 23:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\N360x64\0600000.091\SymDS64.sys -- (SymDS)
DRV:64bit: - [2010-11-21 04:24:39 | 000,223,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2010-11-21 04:24:33 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:24:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV:64bit: - [2010-11-21 04:24:24 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2010-11-21 04:24:09 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2010-11-21 04:24:08 | 000,459,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\cng.sys -- (CNG)
DRV:64bit: - [2010-11-21 04:24:08 | 000,152,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2010-11-21 04:23:50 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2010-11-21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2010-11-21 04:23:47 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2010-11-21 04:23:47 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2010-11-21 04:23:47 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2010-11-21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2010-11-21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2010-11-21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\Windows\system32\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\Windows\System32\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 04:23:47 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009-07-14 02:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009-07-14 02:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009-07-14 02:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009-07-14 02:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009-07-14 02:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009-07-14 02:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV:64bit: - [2009-07-14 02:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009-07-14 02:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009-07-14 02:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009-07-14 02:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009-07-14 02:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009-07-14 02:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009-07-14 02:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009-07-14 02:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 02:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009-07-14 02:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009-07-14 02:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand] -- C:\Windows\system32\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009-07-14 02:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009-07-14 02:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009-07-14 02:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009-07-14 02:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009-07-14 02:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\SiSRaid2.sys -- (SiSRaid2)
DRV:64bit: - [2009-07-14 02:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2009-07-14 01:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009-07-14 01:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009-07-14 01:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009-07-14 01:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009-07-14 01:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009-07-14 01:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009-07-14 01:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009-07-14 01:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009-07-14 01:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009-07-14 00:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV:64bit: - [2009-07-14 00:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\HidBatt.sys -- (HidBatt)
DRV:64bit: - [2009-07-14 00:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009-07-14 00:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009-06-10 21:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009-06-10 21:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009-06-10 21:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009-06-10 21:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009-06-10 21:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009-06-10 21:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009-06-10 21:35:09 | 000,145,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G6032E.sys -- (E1G60) Pilote de la carte Intel(R)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015-09-11 10:56:04 | 000,103,904 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys -- (iSafeKrnlR3)
DRV - [2015-08-20 04:10:09 | 000,061,832 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys -- (iSafeKrnlMon)
DRV - [2015-08-20 04:10:08 | 000,110,112 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys -- (iSafeKrnlKit)
DRV - [2015-05-14 04:50:13 | 000,260,856 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys -- (iSafeKrnl)
DRV - [2011-12-03 02:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20111203.009\EX64.SYS -- (NAVEX15)
DRV - [2011-12-03 02:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20111203.009\ENG64.SYS -- (NAVENG)
DRV - [2011-11-28 21:48:56 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20111201.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011-11-23 18:56:38 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20111130.012\IDSviA64.sys -- (IDSVia64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-14 02:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009-06-10 22:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009-06-10 22:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\VM_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\VM_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2016-02-06 17:32:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016-02-06 17:32:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015-11-18 15:57:04 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Spyware Terminator 2015 Internet Guard) - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll (Crawler Group, LLC)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Spyware Terminator 2015 Internet Guard) - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll (Crawler Group, LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKU\VM_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\VM_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\VM_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [VBoxTray] C:\Windows\System32\VBoxTray.exe (Oracle Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\VM_ON_C..\Run: [Google Update] C:\Users\VM\AppData\Local\Google\Desktop\Install\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\d'x"Ù"\", &h#\. ùû[\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\GoogleUpdate.exe (RedShift IT SRL)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 0
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\VM_ON_C Winlogon: Shell - ("C:\Users\VM\AppData\Local\Temp\alvua.exe") - C:\Users\VM\AppData\Local\Temp\alvua.exe File not found
O20 - HKU\VM_ON_C Winlogon: Shell - (/shell) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - SDWinLogon.dll - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015-08-20 12:47:07 | 000,000,647 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2016-01-19 18:41:04 | 000,006,909 | R--- | M] () - D:\autorun.sh -- [ CDFS ]
O33 - MountPoints2\{259f07c7-c792-11e5-832f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{259f07c7-c792-11e5-832f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\VBoxWindowsAdditions.exe -- [2016-01-19 18:40:19 | 000,316,016 | R--- | M] (Oracle Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- Reg Error: Key error.
O35 - exefile [open] -- Reg Error: Key error.

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs:64bit: Ias - C:\Windows\System32\ias [2009-07-14 04:20:14 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: AvgUi - hkey= - key= - C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe (AVG Technologies CZ, s.r.o.)
MsConfig:64bit - StartUpReg: GUDelayStartup - hkey= - key= - C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
MsConfig:64bit - StartUpReg: PCSpeedUp - hkey= - key= - C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe (Optimal Software s.r.o.)
MsConfig:64bit - StartUpReg: PSUAMain - hkey= - key= - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
MsConfig:64bit - StartUpReg: SDTray - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
MsConfig:64bit - StartUpReg: SpywareTerminatorShield - hkey= - key= - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler Group, LLC)
MsConfig:64bit - StartUpReg: SpywareTerminatorUpdater - hkey= - key= - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC)
MsConfig:64bit - StartUpReg: uTorrent - hkey= - key= - C:\Users\VM\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
MsConfig:64bit - State: "services" - 2
MsConfig:64bit - State: "startup" - 2

Drivers32:64bit: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - Service
SafeBootMin:64bit: WudfPf - C:\Windows\System32\drivers\WUDFPf.sys (Microsoft Corporation)
SafeBootMin:64bit: WudfRd - Driver
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NanoServiceMain - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: PSUAService - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.)
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: WudfRd - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BFE - Service
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MPSSvc - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: PolicyAgent - Service
SafeBootNet:64bit: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - Service
SafeBootNet:64bit: WudfPf - C:\Windows\System32\drivers\WUDFPf.sys (Microsoft Corporation)
SafeBootNet:64bit: WudfRd - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Dhcp - C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
SafeBootNet: MPSSvc - Service
SafeBootNet: NanoServiceMain - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOS - C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: PolicyAgent - Service
SafeBootNet: Primary disk - Driver Group
SafeBootNet: PSUAService - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.)
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof ()
SafeBootNet: TDI - Driver Group
SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

========== Files/Folders - Created Within 30 Days ==========

File not found -- X:\Users\Default\Desktop\Exécuter... - Raccourci.lnk
[2016-02-06 18:16:35 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Local\Opera
[2016-02-06 18:16:34 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Opera
[2016-02-06 18:12:29 | 000,000,000 | --SD | C] -- X:\Users\Default\AppData\LocalLow
[2016-02-06 17:54:01 | 000,409,600 | ---- | C] (shithead mujaheddin) -- C:\Users\VM\AppData\Roaming\hrt54is56ijfgte.exe
[2016-02-06 17:53:55 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\ide56
[2016-02-06 17:53:04 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Owtuqy
[2016-02-06 17:53:04 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Imzon
[2016-02-06 17:53:04 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Ilipy
[2016-02-06 17:38:40 | 000,000,000 | ---D | C] -- C:\Users\VM\Desktop\Emotet + Zbot
[2016-02-06 17:32:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2016-02-06 17:27:09 | 000,000,000 | ---D | C] -- C:\Users\VM\Documents\OneSafe PC Cleaner
[2016-02-06 17:27:08 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\OneSafe PC Cleaner
[2016-02-06 17:23:35 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Adobe
[2016-02-06 17:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\KMSpico
[2016-02-06 17:21:30 | 000,000,000 | -H-D | C] -- C:\temp
[2016-02-06 17:15:24 | 000,796,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016-02-06 17:15:07 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016-02-06 17:14:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2016-02-06 17:13:54 | 000,000,000 | ---D | C] -- C:\Users\VM\Documents\PCSpeedUp
[2016-02-06 17:12:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2016-02-06 17:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Accelerer PC
[2016-02-06 17:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2016-01-31 00:32:02 | 000,000,000 | ---D | C] -- C:\Users\VM\Desktop\trojan
[2016-01-31 00:32:01 | 000,000,000 | ---D | C] -- C:\Users\VM\Desktop\pup
[2016-01-31 00:27:02 | 000,000,000 | ---D | C] -- C:\Users\VM\Desktop\trojan3
[2016-01-31 00:02:44 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
[2016-01-31 00:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2016-01-31 00:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2016-01-31 00:01:46 | 001,092,728 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360x64\0600000.091\SymEFA64.sys
[2016-01-31 00:01:46 | 000,738,936 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360x64\0600000.091\srtsp64.sys
[2016-01-31 00:01:46 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360x64\0600000.091\SymDS64.sys
[2016-01-31 00:01:46 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360x64\0600000.091\symnets.sys
[2016-01-31 00:01:46 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360x64\0600000.091\Ironx64.sys
[2016-01-31 00:01:46 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360x64\0600000.091\srtspx64.sys
[2016-01-31 00:01:44 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360x64\0600000.091\ccSetx64.sys
[2016-01-31 00:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2016-01-31 00:00:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360x64
[2016-01-31 00:00:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360x64\0600000.091
[2016-01-31 00:00:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2016-01-31 00:00:03 | 000,000,000 | ---D | C] -- C:\rei
[2016-01-30 23:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2016-01-30 23:59:24 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Mozilla
[2016-01-30 23:59:20 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Mozilla
[2016-01-30 23:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiDefMedia
[2016-01-30 23:58:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OneSafe PC Cleaner
[2016-01-30 23:57:29 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Adobe
[2016-01-30 23:56:51 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\0C1F1L1G1L1B0R1P2X0S1M1T1C1P
[2016-01-30 23:56:45 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\StormFall
[2016-01-30 23:56:43 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\ZU_WarThunder
[2016-01-30 23:56:41 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\StormFall
[2016-01-30 23:00:49 | 000,067,976 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\System32\drivers\iSafeNetFilter.sys
[2016-01-30 23:00:47 | 000,053,568 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\System32\drivers\iSafeKrnlBoot.sys
[2016-01-30 23:00:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\log
[2016-01-30 22:56:12 | 000,000,000 | ---D | C] -- C:\Users\VM\Desktop\pup4
[2016-01-30 22:39:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UseNeXT
[2016-01-30 22:39:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elex-tech
[2016-01-30 22:35:24 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Elex-tech
[2016-01-30 22:20:38 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\System32\drivers\GUBootStartup.sys
[2016-01-30 22:20:36 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\DiskDefrag
[2016-01-30 22:20:35 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\GlarySoft
[2016-01-30 22:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2016-01-30 22:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016-01-30 22:18:20 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Uniblue
[2016-01-30 22:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2016-01-30 22:17:25 | 000,061,712 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\PSKMAD.sys
[2016-01-30 22:16:25 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Panda Security
[2016-01-30 22:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GUM392A.tmp
[2016-01-30 22:14:38 | 000,000,000 | ---D | C] -- C:\Users\VM\Desktop\malware
[2016-01-30 22:12:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2016-01-30 22:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler
[2016-01-30 22:11:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2016-01-30 22:10:49 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Spyware Terminator
[2016-01-30 22:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2016-01-30 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\VM\Desktop\JADMaker
[2016-01-30 22:07:54 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\uTorrent
[2016-01-30 22:06:34 | 002,362,696 | ---- | C] ( ) -- C:\Users\VM\Desktop\FFASKToolbarInstaller_ASK_tbr_1.6.2.0.exe
[2016-01-30 22:06:13 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\MFAData
[2016-01-30 22:05:46 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Google
[2016-01-30 22:04:09 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean64.exe
[2016-01-30 22:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2016-01-30 22:03:02 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Norman Malware Cleaner
[2016-01-30 21:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2016-01-30 21:58:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2016-01-30 21:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2016-01-30 21:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit PhantomPDF
[2016-01-30 21:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2016-01-30 21:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2016-01-30 21:57:02 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Google
[2016-01-30 21:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dropbox
[2016-01-30 21:56:19 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Programs
[2016-01-30 21:56:07 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\AvgSetupLog
[2016-01-30 21:56:07 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Avg
[2016-01-30 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016-01-30 21:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6
[2016-01-30 21:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICEpower
[2016-01-30 21:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoIt3
[2016-01-30 21:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2016-01-30 21:54:36 | 002,026,520 | ---- | C] (BitTorrent Inc.) -- C:\Users\VM\Desktop\uTorrent_3-4-5-build-41372.exe
[2016-01-30 21:54:36 | 001,114,968 | ---- | C] (Crawler Group ) -- C:\Users\VM\Desktop\SpywareTerminatorSetup.exe
[2016-01-30 21:54:35 | 018,727,080 | ---- | C] (Uniblue Systems Limited ) -- C:\Users\VM\Desktop\SpeedUpMyPC-standalone-setup.exe
[2016-01-30 21:54:27 | 350,050,904 | ---- | C] (Norman Shark AS) -- C:\Users\VM\Desktop\Norman_Malware_Cleaner-2.08.08.exe
[2016-01-30 21:54:27 | 000,987,728 | ---- | C] (Google Inc.) -- C:\Users\VM\Desktop\GoogleToolbarSetup.exe
[2016-01-30 21:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2016-01-30 21:49:55 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2016-01-30 21:49:55 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2016-01-30 21:49:55 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2016-01-30 21:49:50 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2016-01-30 21:49:50 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2016-01-30 21:49:50 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2016-01-30 21:49:50 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2016-01-30 21:49:50 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2016-01-30 21:49:50 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2016-01-30 21:49:48 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Identities
[2016-01-30 21:49:41 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2016-01-30 21:49:41 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2016-01-30 21:49:41 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2016-01-30 21:49:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2016-01-30 21:49:40 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\VirtualStore
[2016-01-30 21:49:23 | 000,000,000 | --SD | C] -- C:\Users\VM\AppData\Roaming\Microsoft
[2016-01-30 21:49:23 | 000,000,000 | -HSD | C] -- C:\Users\VM\AppData\Local\Temporary Internet Files
[2016-01-30 21:49:23 | 000,000,000 | -HSD | C] -- C:\Users\VM\Documents\Mes vidéos
[2016-01-30 21:49:23 | 000,000,000 | -HSD | C] -- C:\Users\VM\Documents\Mes images
[2016-01-30 21:49:23 | 000,000,000 | -HSD | C] -- C:\Users\VM\Documents\Ma musique
[2016-01-30 21:49:23 | 000,000,000 | -HSD | C] -- C:\Users\VM\AppData\Local\Historique
[2016-01-30 21:49:23 | 000,000,000 | -HSD | C] -- C:\Users\VM\AppData\Local\Application Data
[2016-01-30 21:49:23 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Temp
[2016-01-30 21:49:23 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming
[2016-01-30 21:49:23 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local\Microsoft
[2016-01-30 21:49:23 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Roaming\Media Center Programs
[2016-01-30 21:49:23 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\LocalLow
[2016-01-30 21:49:23 | 000,000,000 | ---D | C] -- C:\Users\VM\AppData\Local
[2016-01-30 21:49:11 | 000,000,000 | -HSD | C] -- C:\Recovery
[2016-01-30 21:49:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2016-01-30 21:49:06 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2016-01-30 21:44:14 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2016-01-30 21:43:48 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2016-01-30 21:43:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2016-01-19 17:44:54 | 001,857,408 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLpackspu.dll
[2016-01-19 17:44:54 | 001,709,088 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxOGL.dll
[2016-01-19 17:44:54 | 001,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxMRXNP.dll
[2016-01-19 17:44:48 | 000,636,352 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLarrayspu.dll
[2016-01-19 17:44:40 | 000,982,944 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLfeedbackspu.dll
[2016-01-19 17:44:06 | 001,560,816 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLcrutil.dll
[2016-01-19 17:44:06 | 000,143,488 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLerrorspu.dll
[2016-01-19 17:44:06 | 000,097,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLpassthroughspu.dll
[2016-01-19 17:44:02 | 001,274,976 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxMRXNP.dll
[2016-01-19 17:43:58 | 001,746,704 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxTray.exe
[2016-01-19 17:43:58 | 001,340,872 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxControl.exe
[2016-01-19 17:43:58 | 000,166,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxGuest.sys
[2016-01-19 17:43:58 | 000,099,800 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxDisp.dll
[2016-01-19 17:43:46 | 001,849,704 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxService.exe
[2016-01-19 17:43:42 | 000,303,704 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxSF.sys
[2016-01-19 17:43:42 | 000,130,128 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxMouse.sys
[2016-01-19 17:43:40 | 000,154,360 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxVideo.sys
[2016-01-19 17:43:40 | 000,061,624 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxHook.dll
[2016-01-19 17:41:02 | 001,424,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGL.dll
[2016-01-19 17:40:50 | 001,630,784 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLpackspu.dll
[2016-01-19 17:40:50 | 000,856,272 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLfeedbackspu.dll
[2016-01-19 17:40:50 | 000,558,072 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLarrayspu.dll
[2016-01-19 17:40:40 | 001,330,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLcrutil.dll
[2016-01-19 17:40:40 | 000,126,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLerrorspu.dll
[2016-01-19 17:40:40 | 000,086,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLpassthroughspu.dll
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- X:\Users\Default\Desktop\Exécuter... - Raccourci.lnk
[2016-02-06 18:07:25 | 000,001,663 | ---- | M] () -- X:\Users\Default\Desktop\PENetwork.lnk
[2016-02-06 18:07:25 | 000,001,560 | ---- | M] () -- X:\Users\Default\Desktop\Command Prompt.lnk
[2016-02-06 18:07:25 | 000,001,444 | ---- | M] () -- X:\Users\Default\Desktop\Explorer.lnk
[2016-02-06 18:07:25 | 000,000,891 | ---- | M] () -- X:\Users\Default\Desktop\OTLPE.lnk
[2016-02-06 18:07:25 | 000,000,697 | ---- | M] () -- X:\Users\Default\Desktop\RogueKiller.lnk
[2016-02-06 18:07:25 | 000,000,637 | ---- | M] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk
[2016-02-06 18:07:25 | 000,000,625 | ---- | M] () -- X:\Users\Default\Desktop\Opera12.lnk
[2016-02-06 18:07:25 | 000,000,591 | ---- | M] () -- X:\Users\Default\Desktop\FRST.lnk
[2016-02-06 17:59:35 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016-02-06 17:59:35 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job
[2016-02-06 17:59:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2016-02-06 17:58:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016-02-06 17:53:19 | 000,000,446 | ---- | M] () -- C:\Windows\win.ini
[2016-02-06 17:50:36 | 000,016,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016-02-06 17:50:36 | 000,016,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016-02-06 17:50:29 | 001,290,606 | -H-- | M] () -- C:\Users\VM\AppData\Local\IconCache.db
[2016-02-06 17:47:40 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016-02-06 17:47:40 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2016-02-06 17:47:03 | 001,319,410 | ---- | M] () -- C:\Windows\System32\drivers\N360x64\0600000.091\Cat.DB
[2016-02-06 17:27:07 | 000,001,117 | ---- | M] () -- C:\Users\VM\Desktop\OneSafe PC Cleaner.lnk
[2016-02-06 17:25:04 | 000,001,055 | ---- | M] () -- C:\Users\VM\Desktop\Accelerer PC.lnk
[2016-02-06 17:23:29 | 000,000,000 | ---- | M] () -- C:\Users\VM\AppData\Local\overhmacead.exe
[2016-02-06 17:15:27 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016-02-06 17:15:08 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016-02-06 17:11:56 | 001,524,372 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2016-02-06 17:11:56 | 000,695,004 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2016-02-06 17:11:56 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016-02-06 17:11:56 | 000,127,684 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2016-02-06 17:11:56 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016-02-06 16:46:55 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job
[2016-01-31 00:15:25 | 000,002,246 | ---- | M] () -- C:\Users\VM\Desktop\WarThunder.lnk
[2016-01-31 00:15:25 | 000,002,186 | ---- | M] () -- C:\Users\VM\Desktop\StormFall.lnk
[2016-01-31 00:04:09 | 000,000,150 | ---- | M] () -- C:\Windows\Reimage.ini
[2016-01-31 00:03:07 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\ReimageUpdater.job
[2016-01-31 00:02:44 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
[2016-01-31 00:02:44 | 000,007,488 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT64x86.CAT
[2016-01-31 00:02:44 | 000,000,855 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT64x86.INF
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\WarThunder24.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\WarThunder05.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\WarThunder sun.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\WarThunder sat.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\tasks\StormFall W2.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\tasks\StormFall W1.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\tasks\StormFall TW2.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\tasks\StormFall TW1.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\tasks\StormFall TM.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\tasks\StormFall FM.job
[2016-01-30 23:54:19 | 000,313,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016-01-30 23:02:46 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016-01-30 22:52:40 | 000,000,000 | ---- | M] () -- C:\Users\VM\AppData\Local\{A7B1F934-B2CA-476D-934A-550FDE2C40E9}
[2016-01-30 22:39:42 | 000,001,857 | ---- | M] () -- C:\Users\VM\Desktop\UseNeXT by Tangysoft.lnk
[2016-01-30 22:32:11 | 000,916,008 | ---- | M] () -- C:\Users\VM\Desktop\yet_another_cleaner_sfto.exe
[2016-01-30 22:20:38 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\System32\drivers\GUBootStartup.sys
[2016-01-30 22:16:29 | 000,058,032 | ---- | M] () -- C:\Users\VM\AppData\Local\GDIPFONTCACHEV1.DAT
[2016-01-30 22:10:54 | 000,002,621 | ---- | M] () -- C:\Users\VM\Desktop\µTorrent.lnk
[2016-01-30 22:04:22 | 002,362,696 | ---- | M] ( ) -- C:\Users\VM\Desktop\FFASKToolbarInstaller_ASK_tbr_1.6.2.0.exe
[2016-01-30 21:47:56 | 000,987,728 | ---- | M] (Google Inc.) -- C:\Users\VM\Desktop\GoogleToolbarSetup.exe
[2016-01-30 21:46:43 | 000,212,125 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2016-01-30 21:46:43 | 000,212,125 | ---- | M] () -- C:\Windows\System32\license.rtf
[2016-01-30 21:46:06 | 000,070,843 | ---- | M] () -- C:\Users\VM\Desktop\JADMaker.zip
[2016-01-30 21:43:15 | 002,026,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\VM\Desktop\uTorrent_3-4-5-build-41372.exe
[2016-01-30 21:30:01 | 018,727,080 | ---- | M] (Uniblue Systems Limited ) -- C:\Users\VM\Desktop\SpeedUpMyPC-standalone-setup.exe
[2016-01-30 21:28:50 | 350,050,904 | ---- | M] (Norman Shark AS) -- C:\Users\VM\Desktop\Norman_Malware_Cleaner-2.08.08.exe
[2016-01-30 21:25:03 | 003,876,368 | ---- | M] () -- C:\Users\VM\Desktop\SlimCleaner-Beta-0.1 .exe
[2016-01-30 21:22:30 | 001,114,968 | ---- | M] (Crawler Group ) -- C:\Users\VM\Desktop\SpywareTerminatorSetup.exe
[2016-01-30 21:22:19 | 002,113,152 | ---- | M] () -- C:\Users\VM\Desktop\PANDAFREEAV.exe
[2016-01-19 17:44:54 | 001,857,408 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLpackspu.dll
[2016-01-19 17:44:54 | 001,709,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxOGL.dll
[2016-01-19 17:44:54 | 001,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxMRXNP.dll
[2016-01-19 17:44:48 | 000,636,352 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLarrayspu.dll
[2016-01-19 17:44:40 | 000,982,944 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLfeedbackspu.dll
[2016-01-19 17:44:06 | 001,560,816 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLcrutil.dll
[2016-01-19 17:44:06 | 000,143,488 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLerrorspu.dll
[2016-01-19 17:44:06 | 000,097,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxOGLpassthroughspu.dll
[2016-01-19 17:44:02 | 001,274,976 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxMRXNP.dll
[2016-01-19 17:43:58 | 001,746,704 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxTray.exe
[2016-01-19 17:43:58 | 001,340,872 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxControl.exe
[2016-01-19 17:43:58 | 000,166,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxGuest.sys
[2016-01-19 17:43:58 | 000,099,800 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxDisp.dll
[2016-01-19 17:43:46 | 001,849,704 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxService.exe
[2016-01-19 17:43:42 | 000,303,704 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxSF.sys
[2016-01-19 17:43:42 | 000,130,128 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxMouse.sys
[2016-01-19 17:43:40 | 000,154,360 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxVideo.sys
[2016-01-19 17:43:40 | 000,061,624 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxHook.dll
[2016-01-19 17:41:02 | 001,424,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGL.dll
[2016-01-19 17:40:50 | 001,630,784 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLpackspu.dll
[2016-01-19 17:40:50 | 000,856,272 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLfeedbackspu.dll
[2016-01-19 17:40:50 | 000,558,072 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLarrayspu.dll
[2016-01-19 17:40:40 | 001,330,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLcrutil.dll
[2016-01-19 17:40:40 | 000,126,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLerrorspu.dll
[2016-01-19 17:40:40 | 000,086,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\VBoxOGLpassthroughspu.dll
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016-02-06 18:07:25 | 000,001,663 | ---- | C] () -- X:\Users\Default\Desktop\PENetwork.lnk
[2016-02-06 18:07:25 | 000,001,560 | ---- | C] () -- X:\Users\Default\Desktop\Command Prompt.lnk
[2016-02-06 18:07:25 | 000,001,444 | ---- | C] () -- X:\Users\Default\Desktop\Explorer.lnk
[2016-02-06 18:07:25 | 000,000,891 | ---- | C] () -- X:\Users\Default\Desktop\OTLPE.lnk
[2016-02-06 18:07:25 | 000,000,697 | ---- | C] () -- X:\Users\Default\Desktop\RogueKiller.lnk
[2016-02-06 18:07:25 | 000,000,637 | ---- | C] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk
[2016-02-06 18:07:25 | 000,000,625 | ---- | C] () -- X:\Users\Default\Desktop\Opera12.lnk
[2016-02-06 18:07:25 | 000,000,591 | ---- | C] () -- X:\Users\Default\Desktop\FRST.lnk
[2016-02-06 17:52:17 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pqcovwqpu.exe
[2016-02-06 17:44:34 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\kkmikegltyyzo.exe
[2016-02-06 17:42:30 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\lfgkzcaevqlq.exe
[2016-02-06 17:40:01 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\fgjgutmo.exe
[2016-02-06 17:22:15 | 000,000,000 | ---- | C] () -- C:\Users\VM\AppData\Local\overhmacead.exe
[2016-02-06 17:21:48 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\uqoelieotttrpb.exe
[2016-02-06 17:16:30 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016-02-06 17:11:23 | 000,000,338 | ---- | C] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2016-02-06 17:11:08 | 000,001,055 | ---- | C] () -- C:\Users\VM\Desktop\Accelerer PC.lnk
[2016-01-31 00:13:42 | 001,319,410 | ---- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\Cat.DB
[2016-01-31 00:03:07 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\ReimageUpdater.job
[2016-01-31 00:02:44 | 000,007,488 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT64x86.CAT
[2016-01-31 00:02:44 | 000,000,855 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT64x86.INF
[2016-01-31 00:00:30 | 000,003,434 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\SymEFA.inf
[2016-01-31 00:00:30 | 000,002,852 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\SymDS.inf
[2016-01-31 00:00:30 | 000,001,441 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\SymNet.inf
[2016-01-31 00:00:30 | 000,001,438 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\srtsp64.inf
[2016-01-31 00:00:30 | 000,001,420 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\srtspx64.inf
[2016-01-31 00:00:30 | 000,000,853 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\ccSetx64.inf
[2016-01-31 00:00:30 | 000,000,772 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\Iron.inf
[2016-01-31 00:00:15 | 000,004,782 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\SymVTcer.dat
[2016-01-31 00:00:12 | 000,007,496 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\SymDS64.cat
[2016-01-31 00:00:12 | 000,007,468 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\ccSetx64.cat
[2016-01-31 00:00:12 | 000,007,462 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\srtspx64.cat
[2016-01-31 00:00:12 | 000,007,460 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\SymEFA64.cat
[2016-01-31 00:00:12 | 000,007,458 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\symnet64.cat
[2016-01-31 00:00:12 | 000,007,458 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\srtsp64.cat
[2016-01-31 00:00:12 | 000,007,450 | R--- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\iron.cat
[2016-01-31 00:00:12 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360x64\0600000.091\isolate.ini
[2016-01-30 23:58:28 | 000,001,117 | ---- | C] () -- C:\Users\VM\Desktop\OneSafe PC Cleaner.lnk
[2016-01-30 23:58:26 | 000,000,150 | ---- | C] () -- C:\Windows\Reimage.ini
[2016-01-30 23:56:45 | 000,002,246 | ---- | C] () -- C:\Users\VM\Desktop\WarThunder.lnk
[2016-01-30 23:56:45 | 000,002,186 | ---- | C] () -- C:\Users\VM\Desktop\StormFall.lnk
[2016-01-30 23:56:45 | 000,000,544 | ---- | C] () -- C:\Windows\tasks\WarThunder24.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | C] () -- C:\Windows\tasks\WarThunder05.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | C] () -- C:\Windows\tasks\WarThunder sun.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | C] () -- C:\Windows\tasks\WarThunder sat.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | C] () -- C:\Windows\tasks\StormFall W2.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | C] () -- C:\Windows\tasks\StormFall W1.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | C] () -- C:\Windows\tasks\StormFall TW2.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | C] () -- C:\Windows\tasks\StormFall TW1.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | C] () -- C:\Windows\tasks\StormFall TM.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | C] () -- C:\Windows\tasks\StormFall FM.job
[2016-01-30 22:52:40 | 000,000,000 | ---- | C] () -- C:\Users\VM\AppData\Local\{A7B1F934-B2CA-476D-934A-550FDE2C40E9}
[2016-01-30 22:39:42 | 000,001,857 | ---- | C] () -- C:\Users\VM\Desktop\UseNeXT by Tangysoft.lnk
[2016-01-30 22:33:03 | 000,916,008 | ---- | C] () -- C:\Users\VM\Desktop\yet_another_cleaner_sfto.exe
[2016-01-30 22:19:49 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job
[2016-01-30 22:19:33 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job
[2016-01-30 22:10:54 | 000,002,621 | ---- | C] () -- C:\Users\VM\Desktop\µTorrent.lnk
[2016-01-30 21:57:27 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016-01-30 21:57:18 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016-01-30 21:54:35 | 003,876,368 | ---- | C] () -- C:\Users\VM\Desktop\SlimCleaner-Beta-0.1 .exe
[2016-01-30 21:54:35 | 002,113,152 | ---- | C] () -- C:\Users\VM\Desktop\PANDAFREEAV.exe
[2016-01-30 21:54:27 | 000,070,843 | ---- | C] () -- C:\Users\VM\Desktop\JADMaker.zip
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2016-02-06 18:16:34 | 000,000,000 | ---D | M] -- X:\Users\Default\AppData\Roaming\Opera
[2016-01-30 23:56:51 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\0C1F1L1G1L1B0R1P2X0S1M1T1C1P
[2016-01-30 22:20:36 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\DiskDefrag
[2016-01-30 22:35:24 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\Elex-tech
[2016-01-30 22:20:35 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\GlarySoft
[2016-02-06 17:54:01 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\ide56
[2016-02-06 17:53:27 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\Ilipy
[2016-02-06 17:53:04 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\Imzon
[2016-02-06 17:27:08 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\OneSafe PC Cleaner
[2016-02-06 17:53:04 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\Owtuqy
[2016-01-30 22:16:25 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\Panda Security
[2016-01-30 22:10:49 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\Spyware Terminator
[2016-01-30 23:56:45 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\StormFall
[2016-01-30 22:18:20 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\Uniblue
[2016-02-06 16:58:29 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\uTorrent
[2016-01-30 23:56:43 | 000,000,000 | ---D | M] -- C:\Users\VM\AppData\Roaming\ZU_WarThunder
[2016-02-06 17:47:40 | 000,000,338 | ---- | M] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
[2016-01-31 00:03:07 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\ReimageUpdater.job
[2009-07-14 06:08:49 | 000,003,952 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2016-02-06 16:46:55 | 000,000,272 | ---- | M] () -- C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
[2016-02-06 17:59:35 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\SpeedUpMyPC Startup.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\Tasks\StormFall FM.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\Tasks\StormFall TM.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\Tasks\StormFall TW1.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\Tasks\StormFall TW2.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\Tasks\StormFall W1.job
[2016-01-30 23:56:45 | 000,000,492 | ---- | M] () -- C:\Windows\Tasks\StormFall W2.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\WarThunder sat.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\WarThunder sun.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\WarThunder05.job
[2016-01-30 23:56:45 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\WarThunder24.job

========== Purity Check ==========



========== Custom Scans ==========


Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.dll

< %SystemDrive%\*.exe >

< %Programfiles%\*. >
[2016-01-30 22:18:55 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2016-01-31 00:02:44 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011-04-12 10:28:14 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2016-01-30 21:49:11 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2016-01-30 21:59:25 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011-04-12 10:16:36 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2016-02-06 17:22:56 | 000,000,000 | ---D | M] -- C:\Program Files\KMSpico
[2011-04-12 10:28:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2009-07-14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2016-01-30 21:50:53 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle
[2009-07-14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2016-01-31 00:02:53 | 000,000,000 | ---D | M] -- C:\Program Files\Reimage
[2016-01-31 00:02:45 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2009-07-14 06:09:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011-04-12 10:16:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2011-04-12 10:28:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011-04-12 10:16:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011-04-12 10:16:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2016-01-30 21:49:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011-04-12 10:16:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2010-11-21 04:31:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011-04-12 10:16:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

Invalid Environment Variable: %Programfiles(x86)%\*.

Invalid Environment Variable: %ProgramData%\*.

Invalid Environment Variable: %AppData%\*.

Invalid Environment Variable: %LocalAppData%\*.

Invalid Environment Variable: %UserProfile%\AppData\LocalLow\*.

Invalid Environment Variable: %ProgramData%\Microsoft\Windows\Start Menu\Programs\*.

Invalid Environment Variable: %AppData%\Microsoft\Windows\Start Menu\Programs\*.

< %systemroot%\Tasks\*. >

< %systemroot%\system32\Tasks\*. >
[2009-07-14 05:57:06 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\Tasks\Microsoft
[2016-02-06 16:55:04 | 000,000,000 | ---D | M] --
[2016-01-30 22:06:21 | 000,000,000 | ---D | M] --
[2009-07-14 06:09:57 | 000,000,000 | ---D | M] --

Invalid Environment Variable: %windir%\Tasks\*.job

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\syswow64\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\syswow64\drivers\*.sys /lockedfiles >


< MD5 for: AGP440.SYS >
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ALG.EXE >
[2009-07-14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=3290D6946B5E30E70414990574883DDB -- C:\Windows\SysWow64\alg.exe
[2009-07-14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=3290D6946B5E30E70414990574883DDB -- C:\Windows\winsxs\amd64_microsoft-windows-alg_31bf3856ad364e35_6.1.7600.16385_none_04de43c774cf8fe3\alg.exe

< MD5 for: ATAPI.SYS >
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CDROM.SYS >
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysWow64\drivers\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009-07-14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009-07-14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CSRSS.EXE >
[2009-07-14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysWow64\csrss.exe
[2009-07-14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: CTFMON.EXE >
[2009-07-14 02:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysWOW64\ctfmon.exe
[2009-07-14 02:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009-07-14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009-07-14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: DISK.SYS >
[2009-07-14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\drivers\disk.sys
[2009-07-14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009-07-14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: EXPLORER.EXE >
[2014-06-24 10:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2010-11-21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010-11-21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010-11-21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010-11-21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: I8042PRT.SYS >
[2009-07-14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysWow64\drivers\i8042prt.sys
[2009-07-14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysWow64\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009-07-14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysWow64\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009-07-14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009-07-14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

< MD5 for: IASTORV.SYS >
[2010-11-21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysWow64\drivers\iaStorV.sys
[2010-11-21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010-11-21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

< MD5 for: INTELIDE.SYS >
[2009-07-14 02:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysWow64\drivers\intelide.sys
[2009-07-14 02:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\intelide.sys
[2009-07-14 02:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\intelide.sys

< MD5 for: MOUNTMGR.SYS >
[2010-11-21 04:23:53 | 000,094,592 | ---- | M] (Microsoft Corporation) MD5=32E7A3D591D671A6DF2DB515A5CBE0FA -- C:\Windows\SysWow64\drivers\mountmgr.sys
[2010-11-21 04:23:53 | 000,094,592 | ---- | M] (Microsoft Corporation) MD5=32E7A3D591D671A6DF2DB515A5CBE0FA -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.17514_none_50be2a351da54dd5\mountmgr.sys

< MD5 for: MRXSMB.SYS >
[2010-11-21 04:24:03 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=FAF015B07E3A2874A790A39B7D2C579F -- C:\Windows\SysWow64\drivers\mrxsmb.sys
[2010-11-21 04:24:03 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=FAF015B07E3A2874A790A39B7D2C579F -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_ddb772a467bcf964\mrxsmb.sys

< MD5 for: MRXSMB10.SYS >
[2010-11-21 04:24:03 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=08E2345DF129082BCDFFDC1440F9C00D -- C:\Windows\SysWow64\drivers\mrxsmb10.sys
[2010-11-21 04:24:03 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=08E2345DF129082BCDFFDC1440F9C00D -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.17514_none_e6ca90f8620e37c6\mrxsmb10.sys

< MD5 for: MRXSMB20.SYS >
[2010-11-21 04:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=108D87409C5812EF47D81E22843E8C9D -- C:\Windows\SysWow64\drivers\mrxsmb20.sys
[2010-11-21 04:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=108D87409C5812EF47D81E22843E8C9D -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.17514_none_e900fb0aa0656b37\mrxsmb20.sys

< MD5 for: NDIS.SYS >
[2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysWow64\drivers\ndis.sys
[2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010-11-21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysWOW64\netlogon.dll
[2010-11-21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010-11-21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010-11-21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2010-11-21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysWow64\drivers\nvstor.sys
[2010-11-21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010-11-21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: RASACD.SYS >
[2009-07-14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysWow64\drivers\rasacd.sys
[2009-07-14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

< MD5 for: RDPCDD.SYS >
[2009-07-14 01:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- C:\Windows\SysWow64\drivers\RDPCDD.sys
[2009-07-14 01:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- C:\Windows\winsxs\amd64_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_30d015c257effe8b\RDPCDD.sys

< MD5 for: SCECLI.DLL >
[2010-11-21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010-11-21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010-11-21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysWOW64\scecli.dll
[2010-11-21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009-07-14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysWow64\services.exe
[2009-07-14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009-07-14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysWow64\smss.exe
[2009-07-14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010-11-21 04:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\SysWow64\spoolsv.exe
[2010-11-21 04:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe

< MD5 for: STORPORT.SYS >
[2010-11-21 04:24:00 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=CCE3074CEE5F2FAF1E7468F224C409CC -- C:\Windows\SysWow64\drivers\storport.sys
[2010-11-21 04:24:00 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=CCE3074CEE5F2FAF1E7468F224C409CC -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.17514_none_85a2541846ce7014\storport.sys

< MD5 for: SVCHOST.EXE >
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010-11-21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SysWow64\drivers\tcpip.sys
[2010-11-21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys

< MD5 for: TERMDD.SYS >
[2010-11-21 04:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\SysWow64\drivers\termdd.sys
[2010-11-21 04:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\termdd.sys
[2010-11-21 04:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\termdd.sys

< MD5 for: USERINIT.EXE >
[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WIN32K.SYS >
[2010-11-21 04:24:16 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\SysWow64\win32k.sys
[2010-11-21 04:24:16 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys

< MD5 for: WININIT.EXE >
[2009-07-14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysWOW64\wininit.exe
[2009-07-14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysWow64\winlogon.exe
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2016-01-24 06:08:52 | 000,889,096 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2016-01-24 06:08:52 | 000,889,096 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2016-01-24 06:08:52 | 000,889,096 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2016-01-24 03:14:33 | 000,393,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2016-01-24 03:14:33 | 000,393,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2016-01-24 03:14:33 | 000,393,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010-11-21 04:25:08 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010-11-21 04:25:08 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010-11-21 04:25:08 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2010-11-21 04:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2010-11-21 04:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2016-01-24 06:08:52 | 000,889,096 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2016-01-24 06:08:52 | 000,889,096 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2016-01-24 06:08:52 | 000,889,096 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2016-01-24 03:14:33 | 000,393,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2016-01-24 03:14:33 | 000,393,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2016-01-24 03:14:33 | 000,393,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009-07-14 02:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009-07-14 02:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009-07-14 02:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2010-11-21 04:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2010-11-21 04:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)

< CreateRestorePoint >

< End of report >
