cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 16/02/2014 15:08:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Audrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,73 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 70,13% Memory free
7,46 Gb Paging File | 5,94 Gb Available in Paging File | 79,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,99 Gb Total Space | 133,13 Gb Free Space | 46,88% Space Free | Partition Type: NTFS

Computer Name: AUDREY-PC | User Name: Audrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Audrey\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\ProgramData\WPM\wprotectmanager.exe (Cherished Technololgy LIMITED)
PRC - C:\Program Files (x86)\Re-markit\Re-markit_wd.exe ()
PRC - C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\ProgramData\MobileBrServ\mbbService.exe ()
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\SFR\Kit\9props.exe (SFR)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Windows\SysWOW64\WerFault.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Re-markit\Re-markit_wd.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Live Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV:[b]64bit:[/b] - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:[b]64bit:[/b] - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (Wpm) -- C:\ProgramData\WPM\wprotectmanager.exe (Cherished Technololgy LIMITED)
SRV - (IePluginService) -- C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (O2 HiLink) -- C:\ProgramData\MobileBrServ\mbbService.exe ()
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:[b]64bit:[/b] - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:[b]64bit:[/b] - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (huawei_cdcacm) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (huawei_cdcecm) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (huawei_ext_ctrl) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (SMARTMouseFilterx64) -- C:\Windows\SysNative\drivers\SMARTMouseFilterx64.sys (SMART Technologies ULC)
DRV:[b]64bit:[/b] - (SMARTVTabletPCx64) -- C:\Windows\SysNative\drivers\SMARTVTabletPCx64.sys (SMART Technologies ULC)
DRV:[b]64bit:[/b] - (SMARTVHidMiniVistaAmd64) -- C:\Windows\SysNative\drivers\SMARTVHidMiniVistaAmd64.sys (SMART Technologies ULC)
DRV:[b]64bit:[/b] - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:[b]64bit:[/b] - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:[b]64bit:[/b] - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:[b]64bit:[/b] - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{30C49DD5-E7D1-FA9D-C86E-140763C3E36B}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDzz0ByB0D0CyDtA0C0A0DtN0D0Tzu0CyCyBtDtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=879489208&ir=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=36d0b446-e1c8-a62b-aa10-3be11c146ab7&searchtype=ds&q={searchTerms}&installDate=26/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=36d0b446-e1c8-a62b-aa10-3be11c146ab7&searchtype=ds&q={searchTerms}&installDate=26/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=65A70DAF-AA5F-4DAF-9CF4-996314F8E449
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=36d0b446-e1c8-a62b-aa10-3be11c146ab7&searchtype=ds&q={searchTerms}&installDate=26/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=36d0b446-e1c8-a62b-aa10-3be11c146ab7&searchtype=ds&q={searchTerms}&installDate=26/08/2013
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1392487221&from=amt&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXE1EB1NPNU2NPNU2&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "awesomehp"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.startup.homepage: "http://start.iminent.com/?appId=65A70DAF-AA5F-4DAF-9CF4-996314F8E449"
FF - prefs.js..extensions.enabledAddons: %7B36d0b446-e1c8-a62b-aa10-3be11c146ab7%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7Bef4e370e-d9f0-4e00-b93e-a4f274cfdd5a%7D:1.4.9
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.4
FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:8.4.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/16 14:05:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/26 17:05:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\lightningnewtab@gmail.com: C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\n7eymfj7.default\extensions\lightningnewtab@gmail.com.xpi [2014/01/23 01:56:40 | 000,680,183 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/26 17:05:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/09 20:41:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 21:34:39 | 000,000,000 | ---D | M]

[2012/06/20 12:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\Extensions
[2014/02/16 14:12:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions
[2012/06/23 10:08:57 | 000,000,000 | ---D | M] (Facebook Friend Request, Notifications & Messages Alerts + Facebook Like Button) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\{30A7232F-77C9-4bd3-A812-3036704DB7AC}
[2013/09/03 02:33:22 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\{36d0b446-e1c8-a62b-aa10-3be11c146ab7}
[2013/08/23 12:02:33 | 000,000,000 | ---D | M] (WebConnect) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\firefox@webconnect.co
[2014/02/15 19:00:36 | 000,000,000 | ---D | M] (Extension_Protected) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
[2014/02/15 22:08:15 | 000,000,000 | ---D | M] (YTAAdRemoval) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\npliau@eeeijlztb.org
[2013/09/03 02:33:24 | 000,000,000 | ---D | M] (Browse2save) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\wh_6aiu@bvpbyolmnu.edu
[2014/02/15 19:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack\resources\extension_protected
[2014/02/15 19:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack\resources\extension_protected\data
[2014/02/15 19:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\Firefox\Profiles\n7eymfj7.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack\resources\extension_protected\lib
[2014/01/23 01:56:40 | 000,680,183 | ---- | M] () (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\firefox\profiles\n7eymfj7.default\extensions\lightningnewtab@gmail.com.xpi
[2012/12/16 20:00:21 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\firefox\profiles\n7eymfj7.default\extensions\torntv@torntv.com.xpi
[2013/09/11 17:11:09 | 000,216,989 | ---- | M] () (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\firefox\profiles\n7eymfj7.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2013/09/11 17:11:09 | 000,685,671 | ---- | M] () (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\firefox\profiles\n7eymfj7.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2012/01/18 23:19:56 | 000,002,418 | ---- | M] () -- C:\Users\Audrey\AppData\Roaming\mozilla\firefox\profiles\n7eymfj7.default\searchplugins\s-amazon-bymp-fr.xml
[2013/02/09 20:41:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\AUDREY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N7EYMFJ7.DEFAULT\EXTENSIONS\WEBBOOSTER@IMINENT.COM.XPI
[2013/02/01 19:22:53 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/12/26 17:04:12 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2014/02/15 19:00:24 | 000,000,567 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\awesomehp.xml
[2013/02/01 19:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/01 19:22:13 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: X-notifier (for Gmail\u2122,Hotmail,Yahoo,AOL...) = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco\3.3.12_0\
CHR - Extension: The Simple Life = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbgfbonmdidcihleedajlcaidfhffac\1_0\
CHR - Extension: YTAAdRemoval = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaoipcokdhjkoaofgfjpnlmcjcmlkgj\1.5_0\
CHR - Extension: Google\u00A0Wallet = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (YTAAdRemoval) - {5F267F97-7323-38D8-CDA7-B0D04479ADDE} - C:\ProgramData\YTAAdRemoval\xsnh.x64.dll ()
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (iminent Helper Object) - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files (x86)\IminentToolbar\1.8.28.3\bh\iminent.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (YTAAdRemoval) - {5F267F97-7323-38D8-CDA7-B0D04479ADDE} - C:\ProgramData\YTAAdRemoval\xsnh.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Iminent Toolbar) - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files (x86)\IminentToolbar\1.8.28.3\iminentTlbr.dll File not found
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [akEkjV0RL6] C:\ProgramData\xQ4e5dFM40\odoaztybt.exe (MediaArea.net)
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files (x86)\SFR\Kit\9props.exe (SFR)
O4 - HKCU..\Run: [Mobile Partner] C:\Program Files (x86)\O2 Mobile WiFi\O2 Mobile WiFi File not found
O4 - HKCU..\Run: [NextLive] C:\Users\Audrey\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKLM..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\17d88af9-e6ed-4c88-8bc5-7bf1a26045de.exe (AVAST Software)
O4 - Startup: C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FD6628A-CD44-44A6-9DAE-A32C4EEE500F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{522782DE-D4AF-4543-A397-F84C50E2E199}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A635A941-7816-4799-9484-A46EC305ED91}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD07BAA9-1731-4090-8CF3-A0C26BE4EC51}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E95CA8AB-DA97-49F5-B866-BDEF3F8A63E9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~2\261519~1.190\{c16c1~1\browse~1.dll) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/26 10:30:58 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4537f79f-17a3-11e2-ba30-c018858b7dc5}\Shell - "" = AutoRun
O33 - MountPoints2\{4537f79f-17a3-11e2-ba30-c018858b7dc5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4537f7a8-17a3-11e2-ba30-c018858b7dc5}\Shell - "" = AutoRun
O33 - MountPoints2\{4537f7a8-17a3-11e2-ba30-c018858b7dc5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{682fe737-84bc-11e2-bf60-b888e3014351}\Shell - "" = AutoRun
O33 - MountPoints2\{682fe737-84bc-11e2-bf60-b888e3014351}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{9a53bd18-b3d1-11e2-83dd-b888e3014351}\Shell - "" = AutoRun
O33 - MountPoints2\{9a53bd18-b3d1-11e2-83dd-b888e3014351}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{b1ebe9fc-065f-11e2-ba40-c018858b7dc5}\Shell - "" = AutoRun
O33 - MountPoints2\{b1ebe9fc-065f-11e2-ba40-c018858b7dc5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/02/16 14:16:28 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\AVAST Software
[2014/02/16 14:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/16 14:05:18 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/16 13:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/16 09:19:01 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/16 09:17:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/16 09:17:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/16 09:17:02 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/16 09:17:02 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/16 09:17:00 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/16 09:16:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/16 09:16:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/16 09:16:55 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/16 09:16:54 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/16 09:16:54 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/16 09:16:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/16 09:16:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/16 09:16:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/16 09:16:52 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/16 09:16:52 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/16 09:16:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/16 09:16:49 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/16 09:16:48 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/16 09:16:48 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/16 09:16:47 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/16 09:16:39 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/16 09:16:39 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/16 09:16:28 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/15 19:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AppsWatcher
[2014/02/15 19:03:03 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Local\cache
[2014/02/15 19:03:00 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\newnext.me
[2014/02/15 19:02:59 | 000,000,000 | ---D | C] -- C:\Users\Audrey\Documents\Mobogenie
[2014/02/15 19:02:59 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Local\Mobogenie
[2014/02/15 19:02:59 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Local\genienext
[2014/02/15 19:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014/02/15 19:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/02/15 19:01:39 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/02/15 19:00:42 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\awesomehp
[2014/02/15 18:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Re-markit
[2014/02/15 17:11:06 | 000,000,000 | ---D | C] -- C:\Spacekace
[2014/02/15 14:37:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\xQ4e5dFM40
[2014/02/15 11:46:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/15 11:46:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/15 11:45:18 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/15 11:45:18 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/15 11:45:17 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/15 11:45:16 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/15 11:45:16 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/15 11:45:15 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/15 11:45:14 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/15 11:45:14 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/15 11:45:12 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/15 11:45:12 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/15 11:45:12 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/15 11:45:11 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/15 11:45:11 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/15 11:45:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/15 11:45:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/15 11:45:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/15 11:45:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/15 11:44:50 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/15 11:44:48 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/12 21:35:52 | 000,000,000 | ---D | C] -- C:\Users\Audrey\Desktop\Feelings and emotions
[2014/01/31 20:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\5c607bf4b6189437
[2014/01/31 20:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\YTAAdRemoval
[2014/01/31 20:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\mfaoipcokdhjkoaofgfjpnlmcjcmlkgj
[2014/01/27 14:06:31 | 000,000,000 | ---D | C] -- C:\Users\Audrey\.freemind
[2014/01/27 14:05:20 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Local\CrashRpt
[2014/01/25 17:16:56 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\PhotoFiltre 7
[2014/01/25 17:16:52 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
[2014/01/25 17:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
[2014/01/25 17:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre 7
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Audrey\Desktop\*.tmp files -> C:\Users\Audrey\Desktop\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/02/16 15:19:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/16 15:14:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/02/16 14:24:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/16 14:23:34 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/16 14:23:34 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/16 14:15:40 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Re-markit Update.job
[2014/02/16 14:15:30 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/16 14:15:20 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\Re-markit_wd.job
[2014/02/16 14:15:13 | 000,002,277 | ---- | M] () -- C:\Users\Audrey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/16 14:15:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/16 14:14:10 | 3003,305,984 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/16 14:05:05 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/16 14:05:05 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/16 14:05:05 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/16 14:05:05 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/02/16 14:05:05 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/02/16 14:05:05 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/16 14:05:05 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/16 14:05:05 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/02/16 14:05:03 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/16 13:55:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/02/16 09:46:20 | 001,641,112 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/16 09:46:20 | 000,745,518 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/02/16 09:46:20 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/16 09:46:20 | 000,149,004 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/02/16 09:46:20 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/16 09:45:56 | 001,641,112 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/15 19:10:12 | 000,001,182 | ---- | M] () -- C:\Users\Audrey\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/01/31 20:22:56 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/01/30 19:10:38 | 000,007,313 | ---- | M] () -- C:\Users\Audrey\Desktop\Relation Art & Litte_rature Theory.odt
[2014/01/27 14:05:20 | 000,000,128 | ---- | M] () -- C:\Windows\wininit.ini
[2014/01/25 17:09:35 | 477,545,650 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/22 15:52:21 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Audrey\Desktop\*.tmp files -> C:\Users\Audrey\Desktop\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/02/16 13:50:31 | 000,002,277 | ---- | C] () -- C:\Users\Audrey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/15 18:59:41 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\Re-markit Update.job
[2014/02/15 18:59:40 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\Re-markit_wd.job
[2014/01/31 20:22:56 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/01/30 19:10:38 | 000,007,313 | ---- | C] () -- C:\Users\Audrey\Desktop\Relation Art & Litte_rature Theory.odt
[2014/01/27 14:05:20 | 000,000,128 | ---- | C] () -- C:\Windows\wininit.ini
[2013/11/05 22:25:05 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/10/31 14:01:10 | 000,351,124 | ---- | C] () -- C:\Users\Audrey\AppData\Local\mysearchdial-speeddial.crx
[2013/06/21 09:15:56 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013/06/20 16:40:06 | 000,014,200 | ---- | C] () -- C:\Users\Audrey\Notification (1).pdf
[2012/11/27 21:48:44 | 000,009,216 | ---- | C] () -- C:\Users\Audrey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/20 11:25:55 | 001,641,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/29 06:14:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< Citation: >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
Invalid Environment Variable: alluserprofile
Invalid Environment Variable: alluserprofile

[color=#A23BEC]< %appdata%\*. >[/color]
[2012/11/28 19:14:23 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Adobe
[2013/10/31 13:58:48 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\AffiliatedUpdate
[2012/10/22 13:12:37 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Amazon
[2012/10/09 13:13:53 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Apple Computer
[2013/05/03 16:44:52 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Atari
[2013/11/11 22:37:04 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\ATI
[2014/02/16 14:16:28 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\AVAST Software
[2014/02/15 19:10:12 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\awesomehp
[2013/10/23 10:49:22 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Canon
[2012/11/28 19:15:01 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/07/08 21:07:45 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2012/06/20 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\CyberLink
[2013/05/03 16:29:32 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\DAEMON Tools Lite
[2013/12/15 20:48:38 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\dvdcss
[2012/11/25 22:40:01 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\DVDVideoSoft
[2013/04/11 21:51:04 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Easy BitTorrent Client
[2012/09/16 19:44:47 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\FloodLightGames
[2013/10/29 17:08:01 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Foxit Software
[2012/06/22 10:15:08 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\gnupg
[2012/06/20 11:21:20 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Identities
[2011/10/19 18:08:28 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Macromedia
[2013/08/26 14:58:02 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Malwarebytes
[2010/11/21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Media Center Programs
[2013/04/11 21:57:30 | 000,000,000 | --SD | M] -- C:\Users\Audrey\AppData\Roaming\Microsoft
[2012/06/20 12:21:27 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Mozilla
[2014/02/16 14:15:33 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\newnext.me
[2014/01/25 17:17:04 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\PhotoFiltre 7
[2012/09/17 17:56:13 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\PlayFirst
[2013/04/11 22:06:58 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\qBittorrent
[2012/10/16 09:27:24 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Rainmeter
[2013/12/26 17:08:01 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Real
[2013/12/26 17:06:11 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\RealNetworks
[2014/01/11 16:08:33 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Skype
[2013/03/01 23:40:12 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\SMART Technologies
[2013/03/01 21:58:43 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\SMART Technologies Inc
[2013/10/24 10:12:59 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\SoftGrid Client
[2012/06/20 11:27:43 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\TP
[2013/08/26 10:10:21 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\TuneUp Software
[2014/02/08 10:55:54 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\vlc
[2013/05/26 13:59:32 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\WildTangent
[2012/06/20 14:04:17 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\WinRAR
[2013/11/05 21:57:14 | 000,000,000 | ---D | M] -- C:\Users\Audrey\AppData\Roaming\Xilisoft

[color=#A23BEC]< %appdata%\*.exe /s >[/color]
[2014/02/08 04:42:12 | 000,131,640 | ---- | M] (Tencent Inc.) -- C:\Users\Audrey\AppData\Roaming\awesomehp\awesomehp.exe
[2012/12/02 17:36:04 | 000,055,424 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Audrey\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013/04/11 21:57:30 | 000,098,304 | R--- | M] () -- C:\Users\Audrey\AppData\Roaming\Microsoft\Installer\{2E295B5B-1AD4-4D36-97C2-A316084722CF}\python_icon.exe
[2013/08/26 10:28:59 | 000,110,080 | R--- | M] () -- C:\Users\Audrey\AppData\Roaming\Microsoft\Installer\{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}\Icon1226A4C5.exe
[2013/08/26 10:28:59 | 000,110,080 | R--- | M] () -- C:\Users\Audrey\AppData\Roaming\Microsoft\Installer\{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}\IconD7F16134.exe
[2013/08/26 10:28:59 | 000,110,080 | R--- | M] () -- C:\Users\Audrey\AppData\Roaming\Microsoft\Installer\{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}\IconF7A21AF7.exe
[2013/05/26 13:59:32 | 001,012,584 | ---- | M] (WildTangent) -- C:\Users\Audrey\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe
[2013/05/26 13:59:27 | 000,000,179 | ---- | M] () -- C:\Users\Audrey\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe_filedata
[2013/05/26 14:01:33 | 000,000,174 | ---- | M] () -- C:\Users\Audrey\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-acer.exe_filedata
[2012/11/29 02:52:32 | 000,572,064 | ---- | M] (WildTangent, Inc.) -- C:\Users\Audrey\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

[color=#A23BEC]< %systemdrive%\*. >[/color]
[2012/09/30 10:34:32 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013/11/23 16:06:14 | 000,000,000 | ---D | M] -- C:\ADB
[2014/02/16 14:12:58 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2012/03/29 05:55:58 | 000,000,000 | -H-D | M] -- C:\book
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013/10/06 08:28:45 | 000,000,000 | ---D | M] -- C:\download
[2013/11/23 11:48:36 | 000,000,000 | ---D | M] -- C:\Fastboot
[2012/06/20 17:44:31 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012/06/20 11:20:56 | 000,000,000 | -H-D | M] -- C:\OEM
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2014/02/15 19:20:15 | 000,000,000 | R--D | M] -- C:\Program Files
[2014/02/16 14:12:34 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2014/02/16 14:12:34 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/04/11 21:57:29 | 000,000,000 | ---D | M] -- C:\Python27
[2012/06/20 11:18:08 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013/08/26 10:29:55 | 000,000,000 | ---D | M] -- C:\sh4ldr
[2014/02/15 17:11:06 | 000,000,000 | ---D | M] -- C:\Spacekace
[2014/02/16 15:15:34 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012/06/20 11:18:16 | 000,000,000 | R--D | M] -- C:\Users
[2014/02/16 14:05:09 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %systemdrive%\*.exe >[/color]

[color=#A23BEC]< %programfiles%\*. >[/color]
[2012/12/18 21:52:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer
[2011/10/19 17:15:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Games
[2012/10/21 12:57:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/11/28 19:14:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Download Assistant
[2013/05/03 16:30:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Akella Games
[2012/10/22 13:12:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon
[2012/03/29 06:04:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD APP
[2012/03/29 06:04:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2013/11/05 22:24:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AviSynth 2.5
[2013/11/05 22:24:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVN Products
[2013/10/06 09:04:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2014/02/16 14:12:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2013/04/11 21:50:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Easy BitTorrent Client
[2012/06/22 11:07:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\fbquick
[2013/10/31 13:58:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FLV Player
[2013/08/23 12:02:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FLVPlayer
[2011/10/19 18:08:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fooz Kids
[2013/10/29 17:06:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Foxit Software
[2013/04/10 13:03:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Freemake
[2014/02/16 13:48:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2013/11/05 22:32:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GreenTree Applications
[2013/11/19 22:45:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HTC
[2014/02/15 19:22:28 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/02/16 10:00:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2013/06/25 21:49:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2013/11/05 22:25:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/03/29 06:00:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Launch Manager
[2013/08/26 14:57:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/22 10:14:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2013/10/28 14:25:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2013/10/14 08:28:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/10/19 17:45:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/06/20 17:54:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012/06/20 17:50:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/06/21 12:25:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2012/06/24 10:29:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2013/02/09 20:41:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2013/02/10 09:26:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/06/20 17:55:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2012/12/02 17:34:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2011/10/19 18:10:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\newsXpresso
[2012/10/16 16:12:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\O2 Mobile WiFi
[2014/01/25 17:16:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoFiltre 7
[2014/02/15 19:00:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Re-markit
[2013/12/26 17:04:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Real
[2013/12/26 17:05:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RealNetworks
[2011/10/19 16:38:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2012/06/22 09:09:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RocketDock
[2012/06/20 15:56:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SFR
[2013/05/20 17:14:24 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2013/03/01 21:51:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SMART Technologies
[2012/12/02 17:37:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spirent Communications
[2014/02/15 19:01:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SupTab
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/10/21 14:20:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2013/05/26 14:01:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent Games
[2013/07/10 22:04:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/08/06 20:28:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2012/03/29 15:45:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2013/12/12 07:47:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2012/03/29 15:45:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 04:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2012/03/29 15:45:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2012/06/20 14:04:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2013/11/05 21:56:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xilisoft

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/07/14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/07/14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/07/14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/07/14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/07/14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/07/14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2014/02/15 17:12:24 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\01cebcf6-5cf3-4a9b-84da-ca97ca081833\explorer.exe
[2014/02/15 17:12:29 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\05b43463-f551-4de1-8117-1c93df443c56\explorer.exe
[2014/02/15 17:12:31 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\0600cd70-ec45-4699-87d4-43a9fbefaa6c\explorer.exe
[2014/02/15 17:12:22 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\06f8bb64-8914-407e-a1fd-06e56e34fd85\explorer.exe
[2014/02/15 17:12:19 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\135e4e4c-a315-4a6a-9e68-27f63cb23725\explorer.exe
[2014/02/15 17:12:22 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\15fe303e-abf5-4578-87f9-6dc40b80a8a9\explorer.exe
[2014/02/15 17:12:38 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\183d8231-1461-4464-82ad-a25242574b10\explorer.exe
[2014/02/15 17:12:23 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\1913ee65-62bf-4a7a-8b1a-289d708df040\explorer.exe
[2014/02/15 17:12:20 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\1ae6bccc-ddf9-48a5-a548-04292947ce03\explorer.exe
[2014/02/15 17:12:30 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\1cb43abb-636f-43bd-a9b0-43cdb284de21\explorer.exe
[2014/02/15 17:12:23 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\1ccc8c16-6550-4dd6-81c6-180152af94c3\explorer.exe
[2014/02/15 17:12:19 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\1d49f014-754c-408d-a992-aff07cb38e85\explorer.exe
[2014/02/15 17:12:17 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\1f1d05e4-4d78-4a08-b0cd-aa348d6c9d85\explorer.exe
[2014/02/15 17:12:20 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\20ccb32e-1d6e-43ce-91a2-c76573595c20\explorer.exe
[2014/02/15 17:12:33 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\26e4f61a-5bc2-42d8-8690-1bc61e5117f7\explorer.exe
[2014/02/15 17:12:24 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\29a6b999-509b-454f-9e6a-3c20e82a6c07\explorer.exe
[2014/02/15 17:12:27 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\29d06551-42a8-4677-b866-c72cee81b34e\explorer.exe
[2014/02/15 17:12:32 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\312a94cc-c427-4ded-abee-45056230840a\explorer.exe
[2014/02/15 17:12:19 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\314449ae-c848-4b20-8735-0c8015c59f38\explorer.exe
[2014/02/15 17:12:35 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\319e95fa-a4a9-41a2-bdf3-0a3d2f060e76\explorer.exe
[2014/02/15 17:12:23 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\34cdf33e-4d04-4d4f-be3b-7d6a18322cb1\explorer.exe
[2014/02/15 17:12:20 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3581e90c-543f-4142-930f-d71aa6fb94ba\explorer.exe
[2014/02/15 17:12:29 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\358237a1-b070-4038-8682-df57bc19be36\explorer.exe
[2014/02/15 17:12:28 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\361053a8-f220-41ec-b2e6-36f6a56874b2\explorer.exe
[2014/02/15 17:12:21 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3793e414-87a9-4523-ae74-253f34fc6a98\explorer.exe
[2014/02/15 17:12:31 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3a5c4327-152b-4d4e-bfcb-e02c5e4c7023\explorer.exe
[2014/02/15 17:12:32 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3ac95a49-8bf5-4b05-9fcb-553acf28e4d2\explorer.exe
[2014/02/15 17:12:26 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3da77868-aaf3-4be1-acd9-2e05c7f44d5f\explorer.exe
[2014/02/15 17:12:29 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3dc4dd38-fa78-49a5-8fdd-1d72d4f10297\explorer.exe
[2014/02/15 17:12:30 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3ef61d5a-2a7d-4cc2-a022-212182451891\explorer.exe
[2014/02/15 17:12:22 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\3f8db9ab-5cc4-4248-9b31-e36325476a2b\explorer.exe
[2014/02/15 17:12:22 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\425f7871-ce4a-4ae0-aaa1-424516f3ed17\explorer.exe
[2014/02/15 17:12:30 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\42d334a3-540c-439e-8537-7fc0b736fcb0\explorer.exe
[2014/02/15 17:12:18 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\4461c4b7-0775-4165-98a1-837da55c6ddb\explorer.exe
[2014/02/15 17:12:21 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\47678efc-0632-44f0-bef6-d2016127acf1\explorer.exe
[2014/02/15 17:12:30 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\491d122f-3976-48c2-aa36-d73516bda3dd\explorer.exe
[2014/02/15 17:12:30 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\4a684246-e0b7-463e-bfc0-31765225f558\explorer.exe
[2014/02/15 17:12:17 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\4b54da44-f99b-4214-ba7a-8819ddf10f7f\explorer.exe
[2014/02/15 17:12:23 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\4ec25e1c-d313-4b73-b16e-1d93ab446d5a\explorer.exe
[2014/02/15 17:12:33 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\50b40780-4732-4206-bf8f-1d6039265bde\explorer.exe
[2014/02/15 17:12:29 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\52bffc68-1976-44d9-8d58-55a9a08cab8b\explorer.exe
[2014/02/15 17:12:20 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\549fecc2-e55e-4d4b-974c-0fab5e701129\explorer.exe
[2014/02/15 17:12:25 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\55d2c917-e7e2-4341-8c57-17fb6dfed309\explorer.exe
[2014/02/15 17:12:18 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\58f309e1-5e32-4550-918c-a3813721618f\explorer.exe
[2014/02/15 17:12:22 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\5a632768-4482-4205-86b1-cf81081718fc\explorer.exe
[2014/02/15 17:12:25 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\5af8ed40-b1e0-4ee8-b69e-3ffae7b2a03c\explorer.exe
[2014/02/15 17:12:29 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\5c027c8c-4c91-497b-b7b3-b3835965d9cc\explorer.exe
[2014/02/15 17:12:32 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\5e354c14-7b7c-462c-89e1-6f3fd066f8cc\explorer.exe
[2014/02/15 17:12:26 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\5f16be98-123f-4f59-9a60-cb998366b1b4\explorer.exe
[2014/02/15 17:12:29 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\618e4224-9ea7-4994-b57a-1815eac77b8b\explorer.exe
[2014/02/15 17:12:21 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\61e8d9d4-75c4-4af2-8365-508b9d819b61\explorer.exe
[2014/02/15 17:12:35 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\6228a41f-900b-4155-9a13-863f28845009\explorer.exe
[2014/02/15 17:12:38 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\62d57874-7c8f-4dc6-a333-96b774318097\explorer.exe
[2014/02/15 17:12:25 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\648ae224-0846-4dd9-b2d0-c2139c66940f\explorer.exe
[2014/02/15 17:12:28 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\6866042f-0f55-4c8d-a118-b5da354baf24\explorer.exe
[2014/02/15 17:12:28 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\6b0f2938-a9a1-4971-ac3a-fe73498ea383\explorer.exe
[2014/02/15 17:12:19 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\721cdb85-8e06-4fb8-b28b-cef53977c8b9\explorer.exe
[2014/02/15 17:12:21 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\73832ee8-0977-43e7-97c6-c9c6f9484cdb\explorer.exe
[2014/02/15 17:12:26 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\7471db1b-fc62-4f88-85d8-d54481b9f76b\explorer.exe
[2014/02/15 17:12:18 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\76bc8711-97ab-465f-aff2-510ae7fb9078\explorer.exe
[2014/02/15 17:12:23 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\77da35b0-4bfd-4183-a3ee-58e29998138f\explorer.exe
[2014/02/15 17:12:30 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\79ea5232-a646-4477-989a-d62584b2fd28\explorer.exe
[2014/02/15 17:12:17 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\7b409055-76b0-467d-b9af-1f1358275b54\explorer.exe
[2014/02/15 17:12:34 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\7c40bdb8-d71c-4243-8320-e68542eba9ca\explorer.exe
[2014/02/15 17:12:21 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\7e4c4784-4f59-4bdd-a53b-cc7a7162adba\explorer.exe
[2014/02/15 17:12:24 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\7fbe1ae9-a4c6-4be7-86dc-3ae2237e469e\explorer.exe
[2014/02/15 17:12:37 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\81b003eb-07d2-458c-8779-3c8e89c47301\explorer.exe
[2014/02/15 17:12:27 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\81b78b44-4621-4fe7-a814-d56af3f7bbea\explorer.exe
[2014/02/15 17:12:19 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\824772d0-0f3c-4427-bf5a-244db673cd15\explorer.exe
[2014/02/15 17:12:36 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\84ce5d6d-36df-4c36-8d2a-9cef1eb8a9fb\explorer.exe
[2014/02/15 17:12:18 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\871c2c36-8f47-40bc-b9ee-3f5b1e03e87f\explorer.exe
[2014/02/15 17:12:28 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\88d48021-a756-4787-bf4e-a8a4d2668226\explorer.exe
[2014/02/15 17:12:27 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\8bb5672f-5630-4efa-8b04-0ab679a7965c\explorer.exe
[2014/02/15 17:12:20 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\9226b9ac-3650-4fdb-abc5-9c126a49806b\explorer.exe
[2014/02/15 17:12:32 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\95c0f55a-2a88-443f-bc82-60da61044434\explorer.exe
[2014/02/15 17:12:37 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\997e15ff-2538-4b27-af4a-91636c7a8c9a\explorer.exe
[2014/02/15 17:12:28 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\9a25c9f7-3dca-4955-9712-8707dbcd2869\explorer.exe
[2014/02/15 17:12:27 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\9d7948de-2401-47cf-953e-caa725438ebd\explorer.exe
[2014/02/15 17:12:21 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\9ee8b50f-0e14-44dd-8968-fd3ab3db75e2\explorer.exe
[2014/02/15 17:12:24 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\9f68f6c7-be83-4f9e-8b4c-ed9aebf0910c\explorer.exe
[2014/02/15 17:12:18 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a03382eb-7917-41a0-941b-99dff659baff\explorer.exe
[2014/02/15 17:12:27 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a0f9fe74-4fea-45ae-9888-14118e2383da\explorer.exe
[2014/02/15 17:12:25 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a4b97f20-69d9-4f2a-9df6-575f32248ba9\explorer.exe
[2014/02/15 17:12:34 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a6caafd2-4495-40c2-98a8-760b9bb19a3d\explorer.exe
[2014/02/15 17:12:18 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a8a137ca-8821-4f00-b9db-3742f5d1b43e\explorer.exe
[2014/02/15 17:12:24 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a8c05f4b-2849-41e5-9b0d-0fbee666c7d0\explorer.exe
[2014/02/15 17:12:23 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a8fbe4e8-37a8-4879-a928-8bcd214d016b\explorer.exe
[2014/02/15 17:12:28 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\a9d9f6ac-40c4-493d-ac46-fab02c6bf40b\explorer.exe
[2014/02/15 17:12:31 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\b46c0fa6-c402-4350-b3c0-59058bf92d6c\explorer.exe
[2014/02/15 17:12:34 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\b8f7025b-0d29-48bd-bebc-9ad1fceb677d\explorer.exe
[2014/02/15 17:12:24 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\c4d064a7-f30a-4f75-a5ce-653d9c9d0151\explorer.exe
[2014/02/15 17:12:26 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\c8764ef1-83f5-42ac-9ac0-bc009afd88c4\explorer.exe
[2014/02/15 17:12:32 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\c8eeb97d-c322-44ca-ac28-0013fefda905\explorer.exe
[2014/02/15 17:12:34 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\c9106b6a-c8ea-4369-b689-1fef0a8aed13\explorer.exe
[2014/02/15 17:12:29 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\cab77546-1cee-4c17-8484-1720110fbb82\explorer.exe
[2014/02/15 17:12:20 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\d006e526-c042-4132-adc4-174c49d634b6\explorer.exe
[2014/02/15 17:12:31 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\d1234e0b-6729-4d8b-87a9-a328775b7b1d\explorer.exe
[2014/02/15 17:12:35 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\d1463343-3680-4940-b96e-65a8b915e3e0\explorer.exe
[2014/02/15 17:12:24 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\d4cacb27-578c-4062-a531-96e5264ccfdd\explorer.exe
[2014/02/15 17:12:26 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\d4ddd207-db4b-4994-8df9-0044580aa34a\explorer.exe
[2014/02/15 17:12:22 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\d6b34a50-0a09-4292-baee-58853110e238\explorer.exe
[2014/02/15 17:12:17 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\d8d4b320-9f39-4bb5-b1a0-e978813d59f0\explorer.exe
[2014/02/15 17:12:34 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\e0007a2c-8cb3-4a2d-b3ab-6dec567f1986\explorer.exe
[2014/02/15 17:12:31 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\e1fcf431-fe32-4cfa-83c2-420c127ef7a4\explorer.exe
[2014/02/15 17:12:36 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\e2a2ecdd-b2b4-4c4d-8133-f05421edd05f\explorer.exe
[2014/02/15 17:12:26 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\e3a916df-f710-4359-a1a3-73a76af05331\explorer.exe
[2014/02/15 17:12:37 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\e5391a0f-4697-4cc9-a170-4e7c4fc50c3a\explorer.exe
[2014/02/15 17:12:30 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\e5a13fbd-5a51-430f-a86a-c07cbe3dccdd\explorer.exe
[2014/02/15 17:12:25 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\e95eccc7-fdc3-454a-a292-603945a46e0d\explorer.exe
[2014/02/15 17:12:25 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\ea310970-472e-4bda-9081-28182c45830d\explorer.exe
[2014/02/15 17:12:31 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\edb94c84-8b05-4694-a43f-0d7ae9886a6f\explorer.exe
[2014/02/15 17:12:26 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\f0ba7354-1919-4f4e-b4da-94cd2342327d\explorer.exe
[2014/02/15 17:12:33 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\f0d85de7-e30a-4f74-bbf1-7ae27ad53622\explorer.exe
[2014/02/15 17:12:20 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\f4d1255a-39e7-4b67-b544-606cc561b650\explorer.exe
[2014/02/15 17:12:27 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\f6294358-d3d4-4811-ad9b-225d10e36800\explorer.exe
[2014/02/15 17:12:19 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\f90ac4f2-1511-4856-84e3-04c048651503\explorer.exe
[2014/02/15 17:12:28 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\f933d8f8-1812-4383-b1ca-07b6aeaeb45a\explorer.exe
[2014/02/15 17:12:18 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\fb534715-26ee-42d2-adc5-73246f257789\explorer.exe
[2014/02/15 17:12:21 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\fc9a8890-f5c6-4767-8977-38cc80abe42e\explorer.exe
[2014/02/15 17:12:19 | 000,051,928 | ---- | M] () MD5=E887F98CD5B28446E6D51A88336F68C8 -- C:\Windows\Temp\ff51595c-263c-4853-a348-3ee81715b180\explorer.exe

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< End of report >

Publicité

Signaler le contenu de ce document

Publicité