cjoint

Document format: text/plain

Preview

OTL logfile created on: 08/08/2015 10:02:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gilbert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 60,70% Memory free
7,93 Gb Paging File | 5,98 Gb Available in Paging File | 75,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,92 Gb Total Space | 131,91 Gb Free Space | 46,30% Space Free | Partition Type: NTFS
Drive D: | 12,98 Gb Total Space | 2,17 Gb Free Space | 16,68% Space Free | Partition Type: NTFS

Computer Name: GILBERT-PC | User Name: Gilbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Gilbert\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
PRC - C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\Soda PDF 7\creator-ws.exe (LULU SOFTWARE LIMITED)
PRC - C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\orange\MailNotifier\MailNotifier.exe ()
PRC - C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe (CyberLink Corp.)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files (x86)\Glary Utilities 5\zlib1.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\QtXml4.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\QtGui4.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\QtCore4.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\phonon4.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\ProxyDetection.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\phonon_backend\phonon_ds94.dll ()
MOD - C:\Program Files (x86)\orange\MailNotifier\MailNotifier.exe ()
MOD - C:\Program Files (x86)\orange\MailNotifier\imageformats\qgif4.dll ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NovaPdfServer) -- C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe (Microsoft)
SRV:[b]64bit:[/b] - (wltrysvc) -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE (Broadcom Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:[b]64bit:[/b] - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:[b]64bit:[/b] - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (Garmin Device Interaction Service) -- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (Garmin Ltd. or its subsidiaries)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Soda PDF 7 Creator) -- C:\Program Files (x86)\Soda PDF 7\creator-ws.exe (LULU SOFTWARE LIMITED)
SRV - (Soda PDF 7) -- C:\Program Files (x86)\Soda PDF 7\ws.exe (LULU SOFTWARE LIMITED)
SRV - (Soda PDF 7 CrashHandler) -- C:\Program Files (x86)\Soda PDF 7\crash-handler-ws.exe (LULU SOFTWARE LIMITED)
SRV - (Freemake Improver) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ogmservice) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (atashost) -- C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:[b]64bit:[/b] - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (RapportHades64) -- C:\Windows\SysNative\drivers\RapportHades64.sys (IBM Corp.)
DRV:[b]64bit:[/b] - (GUBootStartup) -- C:\Windows\SysNative\drivers\GUBootStartup.sys (Glarysoft Ltd)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:[b]64bit:[/b] - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:[b]64bit:[/b] - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:[b]64bit:[/b] - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:[b]64bit:[/b] - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:[b]64bit:[/b] - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (KeyScrambler) -- C:\Windows\SysNative\drivers\keyscrambler.sys (QFX Software Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV:[b]64bit:[/b] - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:[b]64bit:[/b] - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:[b]64bit:[/b] - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:[b]64bit:[/b] - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (AVerAF35) -- C:\Windows\SysNative\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:[b]64bit:[/b] - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:[b]64bit:[/b] - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:[b]64bit:[/b] - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:[b]64bit:[/b] - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:[b]64bit:[/b] - (johci) -- C:\Windows\SysNative\drivers\johci.sys (JMicron Technology Corp.)
DRV:[b]64bit:[/b] - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV - (RapportCerberus_1412112) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys (IBM Corp.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (IBM Corp.)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (IBM Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\BatteryCare\WinRing0x64.sys (OpenLibSys.org)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{c9ab6446-7efc-47fe-966c-dc54324eff9f}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{EE827FB0-3919-499E-9774-F2F7D0C4C983}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}&FORM=INMODF&PC=IN01
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{814C76CB-2623-43F4-AAD0-58A0E5190A20}: "URL" = http://r.orange.fr/r?ref=O_OI_hook_openSearchIE&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata={searchTerms}
IE - HKCU\..\SearchScopes\{8E76DD24-4D38-4F4E-8F28-B44F04DE16E0}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{c9ab6446-7efc-47fe-966c-dc54324eff9f}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultengine: "Google (avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search/?trackid=sp-006"
FF - prefs.js..browser.search.hiddenOneOffs: "Amazon.fr,DuckDuckGo,eBay France,Portail Lexical - CNRTL"
FF - prefs.js..browser.search.order.1: "Google (avast)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: "Orange"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.6.12.1-signed
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.2.0.187
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12
FF - prefs.js..extensions.enabledItems: latransparencedesprix@workit.fr:1.0.10
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.4.1.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: readability@readability.com:1.5
FF - prefs.js..keyword.URL: "http://r.orange.fr/r?ref=O_OI_hook_openSearchFF&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Soda PDF 7: C:\Program Files (x86)\Soda PDF 7\np-previewer.dll (LULU SOFTWARE LIMITED)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Gilbert\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2013/05/20 11:50:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/09/30 12:10:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\pdf_architect_2_conv@pdfarchitect.org: C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\soda_pdf_7_conv@sodapdf.com: C:\Program Files (x86)\Soda PDF 7\resources\sodapdf7firefoxextension\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/08/03 16:39:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/09/30 12:10:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 17:14:15 | 000,000,000 | ---D | M]

[2015/01/29 10:41:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Extensions
[2015/08/03 17:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\b0l7bvlx.default\extensions
[2015/06/04 09:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\eep20gzc.default-1429690129400\extensions
[2015/06/04 09:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\eep20gzc.default-1429690129400\extensions\staged
[2015/06/17 08:48:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\fc1wt1vc.default-1342078505256\extensions
[2015/06/04 09:05:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\fc1wt1vc.default-1342078505256\extensions\staged
[2015/06/17 08:48:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par défaut\extensions
[2012/09/17 17:13:16 | 000,000,000 | ---D | M] (Menu Contextuel Orange) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par défaut\extensions\menu_contextuel_orange@orange.fr
[2015/06/04 09:06:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par défaut\extensions\staged
[2015/06/04 09:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒ©faut\extensions
[2015/02/20 17:22:21 | 000,000,000 | ---D | M] (Set Search Settings) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒ©faut\extensions\{e48eb377-9675-4f2b-be40-b8ba3e0d933c}
[2015/06/04 09:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒ©faut\extensions\staged
[2015/06/04 09:06:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ Ã ©faut\extensions
[2015/02/20 17:22:23 | 000,000,000 | ---D | M] (Set Search Settings) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ Ã ©faut\extensions\{e48eb377-9675-4f2b-be40-b8ba3e0d933c}
[2015/06/04 09:06:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ Ã ©faut\extensions\staged
[2015/06/04 09:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠ Ã¢â ¬â ¢Ã’Æ â⠬ Ò¢â⬠a¬â⬠~¢ÒÆ à ⬠"!Ò¢â⬠a¬Ã& ¡ÒÆ â⠬šÒ⬠aà ©faut\extensions
[2015/06/04 09:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠ Ã¢â ¬â ¢Ã’Æ â⠬ Ò¢â⬠a¬â⬠~¢ÒÆ à ⬠"!Ò¢â⬠a¬Ã& ¡ÒÆ â⠬šÒ⬠aà ©faut\extensions\staged
[2015/06/04 09:06:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠ Ã¢â ¬â ¢Ã’Æ â⠬šÒ⬠aà ©faut\extensions
[2015/02/20 17:22:29 | 000,000,000 | ---D | M] (Set Search Settings) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠ Ã¢â ¬â ¢Ã’Æ â⠬šÒ⬠aà ©faut\extensions\{e48eb377-9675-4f2b-be40-b8ba3e0d933c}
[2015/06/04 09:06:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠ Ã¢â ¬â ¢Ã’Æ â⠬šÒ⬠aà ©faut\extensions\staged
[2015/06/04 09:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠aà ©faut\extensions
[2015/02/20 17:22:25 | 000,000,000 | ---D | M] (Set Search Settings) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠aà ©faut\extensions\{e48eb377-9675-4f2b-be40-b8ba3e0d933c}
[2015/06/04 09:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par dÒÆ à ⬠"!Ò⬠aà ©faut\extensions\staged
[2015/06/17 08:48:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\Firefox\Profiles\zqzszc73.Utilisateur par défaut\extensions
[2015/06/12 16:17:44 | 000,153,412 | ---- | M] () (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\firefox\profiles\b0l7bvlx.default\extensions\mytube@ashishmishra.in.xpi
[2015/06/05 09:53:17 | 000,400,336 | ---- | M] () (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\firefox\profiles\b0l7bvlx.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2015/08/03 17:00:18 | 000,349,849 | ---- | M] () (No name found) -- C:\Users\Gilbert\AppData\Roaming\mozilla\firefox\profiles\b0l7bvlx.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/07/04 10:34:25 | 000,005,830 | ---- | M] () -- C:\Users\Gilbert\AppData\Roaming\mozilla\firefox\profiles\b0l7bvlx.default\searchplugins\bing-avast.xml
[2015/04/19 11:08:13 | 000,002,428 | ---- | M] () -- C:\Users\Gilbert\AppData\Roaming\mozilla\firefox\profiles\b0l7bvlx.default\searchplugins\google-avast.xml
[2014/01/27 18:24:08 | 000,002,808 | ---- | M] () -- C:\Users\Gilbert\AppData\Roaming\mozilla\firefox\profiles\b0l7bvlx.default\searchplugins\Google.xml
[2015/04/28 15:17:50 | 000,001,141 | ---- | M] () -- C:\Users\Gilbert\AppData\Roaming\mozilla\firefox\profiles\b0l7bvlx.default\searchplugins\orange.xml
[2015/07/17 17:14:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/07/17 17:14:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/08/03 16:39:43 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2014/10/28 10:27:02 | 000,185,944 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.4_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\akimgimeeoiognljlfchpbkpfbmeapkh\1.0.37_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf\1.10_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.6.0_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk\2.4.4_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.28_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekckfmbgohljpbplohgkeoepmieffaef\2.0_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.5_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_1\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\2.0.2_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\2.0.2_0\~
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnfhegjokgomjeghmiildndfeopcpcpm\4.0_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml\7.1_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\1.4.0_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg\0.6.1_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.9931_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\6.34_1\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.4.6_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.9.16_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdkpkoaonnchdakgkmmcmnihhhgbjch\0.9.8_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.18_0\
CHR - Extension: No name found = C:\Users\Gilbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh\0.9.0.9_0\

O1 HOSTS File: ([2015/07/18 12:58:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ba679afc-8ba0-48f4-b8bf-c144e8699fbc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE (Broadcom Corporation)
O4 - HKLM..\Run: [Ad Muncher] C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files (x86)\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKCU..\Run: [MailNotifier] C:\Program Files (x86)\orange\MailNotifier\MailNotifier.exe ()
O4 - Startup: C:\Users\Gilbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk = C:\Program Files (x86)\Spamihilator\spamihilator.exe (Michel Krämer)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAPower = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra Button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Sites de confiance)
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Reg Error: Key error.)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Key error.)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Reg Error: Key error.)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 11.51.2)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 11.51.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{123AD9DA-55E1-4094-ABA6-ED5E35A603E4}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\belarc - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:[b]64bit:[/b] - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files (x86)\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/06/26 18:17:24 | 000,000,000 | ---D | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Gilbert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lanceur.lnk - C:\Program Files (x86)\Micro Application\LauncherMA.exe - (Micro Application)
MsConfig:64bit - StartUpFolder: C:^Users^Gilbert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Gilbert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Outil de notification Live Search.lnk - - File not found
MsConfig:64bit - StartUpReg: [b]00PCTFW[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]CCleaner Monitoring[/b] - hkey= - key= - C:\Program Files (x86)\CCleaner\CCleaner64.exe (Piriform Ltd)
MsConfig:64bit - StartUpReg: [b]Ditto[/b] - hkey= - key= - C:\Program Files\Ditto\Ditto.exe ()
MsConfig:64bit - StartUpReg: [b]Eraser[/b] - hkey= - key= - C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
MsConfig:64bit - StartUpReg: [b]GarminExpressTrayApp[/b] - hkey= - key= - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd. or its subsidiaries)
MsConfig:64bit - StartUpReg: [b]Google Update[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]HPCam_Menu[/b] - hkey= - key= - c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: [b]IAStorIcon[/b] - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]KiesTrayAgent[/b] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: [b]MAAgent[/b] - hkey= - key= - c:\Program Files (x86)\MarkAny\ContentSafer\MaAgent.exe ((üÈ)ȹlÐ`ÅȲ)
MsConfig:64bit - StartUpReg: [b]MyDefragReminder[/b] - hkey= - key= - C:\Program Files (x86)\ConsumerSoft\My Defragmenter\DefragReminder.exe (ConsumerSoft)
MsConfig:64bit - StartUpReg: [b]Nuance PDF Reader-reminder[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]OrangeInside[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]QlbCtrl.exe[/b] - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]Rainlendar2[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]Service Planificateur2 Acronis[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]SmartMenu[/b] - hkey= - key= - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
MsConfig:64bit - StartUpReg: [b]SMSTray[/b] - hkey= - key= - C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe (SAMSUNG ELECTRONICS)
MsConfig:64bit - StartUpReg: [b]StartCCC[/b] - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig:64bit - StartUpReg: [b]swg[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MsConfig:64bit - StartUpReg: [b]SysTrayApp[/b] - hkey= - key= - C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
MsConfig:64bit - StartUpReg: [b]tvncontrol[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]UnlockerAssistant[/b] - hkey= - key= - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
MsConfig:64bit - StartUpReg: [b]UpdatePRCShortCut[/b] - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: [b]Viber[/b] - hkey= - key= - C:\Users\Gilbert\AppData\Local\Viber\Viber.exe ()
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: atashost - C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {04D35C36-5E0B-89A6-96B4-AB020A4E003B} - Internet Explorer
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0A56DA30-57CA-82B7-6FED-113D39A82A45} - LightScribe Control Panel
ActiveX: {0D816A90-5919-4987-C0D8-0263273ACA43} - Internet Explorer
ActiveX: {0E882D61-A828-EDB2-63AB-F26159323C70} - Themes Setup
ActiveX: {1036FC53-0DC5-D19D-F6D2-93CEDC44387F} - Themes Setup
ActiveX: {103F3FB8-1EF2-84AD-7BFE-66A1394C2548} - LightScribe Control Panel
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {10DC261F-976B-0D43-61C3-9E5B259C56F1} - Themes Setup
ActiveX: {13921379-0BFD-5782-CE29-3F0E8765DA14} - Themes Setup
ActiveX: {14C768CD-988F-A9F9-B874-5F3DA937CAB6} - Themes Setup
ActiveX: {19213847-9EDB-3999-AC14-2CFB16170424} - Themes Setup
ActiveX: {1BA4D56A-E88C-B71E-AAC4-15A48DFD76A3} - Themes Setup
ActiveX: {1FC6C093-F54B-3E76-AB21-379BE143993F} - Themes Setup
ActiveX: {200DE605-4A9F-BEF7-B521-014CFA6C0978} - Themes Setup
ActiveX: {211E6B84-3908-38F3-9F4E-07CBE47A1935} - Microsoft Windows Media Player 12.0
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {258ED1B7-F4AE-EE0C-F5D9-4D7658D3C334} - LightScribe Control Panel
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {294CE452-DCAF-E4DE-A888-37D21453D39D} - Browser Customizations
ActiveX: {2A4773B6-4642-D614-E160-D7E77C1E64F3} - Themes Setup
ActiveX: {2A9C68FB-80FA-4D38-7265-DCD34371D549} - Themes Setup
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2C9E16A5-F73E-40D9-C44F-F0A6F63A5119} - Offline Browsing Pack
ActiveX: {39E324B2-A8F9-5A73-4EDD-7688F20F78B3} - Internet Explorer
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3B1E1292-529B-793A-04CF-26621AB756A2} - Themes Setup
ActiveX: {3D982FD0-E672-6B40-30D0-6262369A763E} - Themes Setup
ActiveX: {3F08ADE2-D51F-962D-6399-34D9B09FB3BB} - Internet Explorer
ActiveX: {3F82542C-71E5-AE64-ED9A-797AE3F2717F} - Themes Setup
ActiveX: {43066B0B-1E73-88C3-F993-58513672311A} - Themes Setup
ActiveX: {441C3E73-E4F9-A016-F352-DD8AE7B8A19B} - Browser Customizations
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4A574A32-909A-9FE1-6D5E-32A21A218DDC} - Browser Customizations
ActiveX: {4D92EA8F-8BF0-FF7C-7F58-8D9F87ED389C} - Themes Setup
ActiveX: {4E21062C-6AB2-BD2B-2D9C-5A8A6D725962} - LightScribe Control Panel
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {4F7298AC-F11B-1337-213C-856EB0D5C807} - Themes Setup
ActiveX: {5112007F-E379-E195-C650-783050B2DA91} - Browser Customizations
ActiveX: {5182759C-6210-EDAB-0CFA-DD540B4305B6} - Themes Setup
ActiveX: {51FFE8DC-12A1-0A68-09BB-F978FB01F841} - Themes Setup
ActiveX: {55725EFA-065A-7DC2-8963-2D95FEFB0703} - Browser Customizations
ActiveX: {57030FCA-ACBB-15C7-773C-BB88BCDB5D73} - LightScribe Control Panel
ActiveX: {595A3440-6780-C162-3BAE-EB6CBE369479} - Themes Setup
ActiveX: {59AB6AED-BBAF-907F-C840-5C7E39238553} - Microsoft Windows Media Player
ActiveX: {5A9E2205-25CF-F508-FECF-AD781A6AB8B2} - Themes Setup
ActiveX: {5B772B82-D234-1A7A-4EDB-8C700BAD4F29} - Themes Setup
ActiveX: {5D53A5CD-B1F9-32DB-DECD-876361A0B7FA} - Microsoft Windows Media Player 12.0
ActiveX: {5E6A6B3D-F949-B66F-F38F-E985D81A680D} - Themes Setup
ActiveX: {5F3B091A-566D-E414-5711-BAB6306067E1} - Themes Setup
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {60F40434-D061-62BC-D7D8-236AF98EA6D3} - Themes Setup
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6665D580-D176-FFE7-A712-FED89E4FA11C} - Internet Explorer
ActiveX: {67AB313D-FD3E-CDCC-9139-60591582744B} - Themes Setup
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6F21359B-B28A-3078-9CD7-0ACEC06744BC} - Browser Customizations
ActiveX: {6F5CBD90-D774-118D-E8C6-10C1A4AF0E9D} - Themes Setup
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DD3290B-F255-FAB1-E120-E201023F884B} - Internet Explorer
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {7FB55130-A333-6239-F7FE-B5FF0B54F4C5} - LightScribe Control Panel
ActiveX: {84697D33-40C6-386C-C5FF-7E0CCE1283B2} -
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {8C752340-87D5-CB5A-04F9-EACAB93703D1} - Themes Setup
ActiveX: {8F92B62F-A4CD-3557-AB4D-CBBFC1134BB3} - Offline Browsing Pack
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {983D5BB3-9BD2-263B-BF3B-2C23ACBEDD5E} - Themes Setup
ActiveX: {9A73C502-E01E-524B-EEEA-827226801014} - Java (Sun)
ActiveX: {9D15D930-70DE-0AE5-60ED-4D2148810938} - Themes Setup
ActiveX: {A1043285-A5B8-3AED-99D7-6695EC27728D} - Offline Browsing Pack
ActiveX: {A52F0465-B2AD-28AA-68B7-995B3575AEEB} - Themes Setup
ActiveX: {A71820B2-1C33-8202-7DE6-EB8F03B5DBD1} - LightScribe Control Panel
ActiveX: {AE61B7F2-21A0-0ACB-C0BC-E967D16CC551} - Browser Customizations
ActiveX: {AF4F9C62-A60C-0DC4-16D9-D82C56CEF178} - Microsoft Windows Media Player 12.0
ActiveX: {AF8B8595-75E3-C43E-E998-157452A74B0F} - LightScribe Control Panel
ActiveX: {B19058FB-9712-6B83-EA8D-D813540BC02C} - Internet Explorer
ActiveX: {B8C69F7E-37BC-09E4-14F3-4D067A31F66F} - Themes Setup
ActiveX: {B8CFA18E-6334-30EE-711D-468809A9D58F} - Offline Browsing Pack
ActiveX: {BF612E8E-4DCC-0C52-CB51-BA01960199FF} - Internet Explorer
ActiveX: {C2505D75-9143-9639-FFA6-45CBF031E74E} - Themes Setup
ActiveX: {C2CF7775-3EEB-6727-4CC2-29E63CF3F19A} - Java (Sun)
ActiveX: {C391621B-3D94-FDE3-B030-BA874EE60AE2} - Internet Explorer
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C706E8F9-2F54-FE2C-FBA0-489D3698DB7E} - Themes Setup
ActiveX: {C82AC337-B868-19CF-50B8-CE77F2B98994} - Microsoft Windows Media Player
ActiveX: {C93D5211-9581-1E3E-8154-ABB82B72F004} - Themes Setup
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CD16FEFD-69EE-7C54-722F-14BE5ECA27C4} - Internet Explorer
ActiveX: {CD38FB96-3192-8B1E-3F76-CA8CD4F01517} - Themes Setup
ActiveX: {CFC1FFDD-2901-B5D2-834C-FA78D929C6CA} - Themes Setup
ActiveX: {D037D759-8ED3-6500-C793-C11E57E7BF5D} - Themes Setup
ActiveX: {D21642DC-4F64-BC7E-984D-0D2BCA6C5289} - Themes Setup
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {D45D3D6B-3B86-018D-3FBA-700EEFF2A2A7} - Themes Setup
ActiveX: {D6094D85-1DFB-0119-18D4-DF5FF6071859} - Themes Setup
ActiveX: {D792200B-6065-6D84-D6A5-281F0EA061AC} - Themes Setup
ActiveX: {D7BD2EDA-C5B6-AEF3-FDCF-EAEE32D7B297} - Themes Setup
ActiveX: {D7F6F255-E113-387B-5174-4E9B16D02AD3} - Themes Setup
ActiveX: {D96DE880-23EA-E325-7D27-EA231A25FE1E} - Themes Setup
ActiveX: {DABA3F72-5E56-CAA5-4DA7-AC3E3D49D52E} - Browser Customizations
ActiveX: {DAE80880-2B0A-1AA5-7C1A-0BC6337FDFAE} - Themes Setup
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {DEBD7A48-4AA1-FFF2-6872-24A350AD1143} - Microsoft Windows Media Player 12.0
ActiveX: {E2286A9B-488E-F81E-7E09-0C9B312898AE} - Java (Sun)
ActiveX: {E7ECD2D1-8979-7200-5B49-DF370D97AEC6} - Java (Sun)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EAF41367-6F60-0C4B-E0FC-56B2E6F6C2D4} - Internet Explorer
ActiveX: {EBF48E3F-0B96-B74A-C1D9-C4CC4445DFA6} - Microsoft Windows Media Player
ActiveX: {EEBFC3A1-9F8A-29B5-72B3-6D2CB911304F} - Internet Explorer
ActiveX: {EFB81694-F316-1BB3-FDBD-8D3108D0C6C8} - Microsoft Windows Media Player 12.0
ActiveX: {F1DF8F33-D7CE-3BFF-5219-B846D86039E3} - Microsoft Windows Media Player 12.0
ActiveX: {F54AFF0E-4B09-9C3A-088B-314BD8C87544} - LightScribe Control Panel
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {F8200DC8-E8ED-F1D7-BA1A-7C406322BEA0} - Themes Setup
ActiveX: {F991E2A0-8567-D366-7E96-596DE78391BB} - Browser Customizations
ActiveX: {FA5DA6E8-70D5-6569-AFC3-AEB70D125E32} -
ActiveX: {FD55B741-C944-FBC2-0078-97A03D20B87C} - Java (Sun)
ActiveX: {FDD13078-2743-E24F-B6CB-7B41562BB516} - Browser Customizations
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/08/04 18:02:15 | 000,000,000 | ---D | C] -- C:\KVRT_Data
[2015/08/04 09:41:17 | 000,000,000 | ---D | C] -- C:\Users\Gilbert\AppData\Local\Garmin_Ltd._or_its_subsid
[2015/08/03 16:40:02 | 000,378,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/08/03 16:39:53 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/07/18 12:58:36 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2015/07/18 11:41:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2015/07/18 11:41:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2015/07/18 11:41:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2015/07/18 11:38:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2015/07/18 11:38:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2015/07/17 17:14:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/07/16 10:43:27 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/07/16 10:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/07/15 16:17:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/07/15 16:17:02 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/07/15 16:17:02 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/07/15 16:17:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/07/15 16:17:02 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/07/15 16:17:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/07/15 16:17:01 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/07/15 16:17:01 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/07/15 16:17:01 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/07/15 16:17:00 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/07/15 16:16:58 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/07/15 16:16:58 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/07/15 16:16:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/07/15 16:16:57 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/07/15 16:16:57 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/07/15 16:16:57 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/07/15 16:16:57 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/07/15 16:16:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/07/15 16:16:56 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/07/15 16:16:56 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/07/15 16:16:56 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/07/15 16:16:55 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/07/15 16:16:54 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/07/15 16:16:54 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/07/15 16:16:53 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/07/15 16:16:53 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/07/15 16:16:53 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/07/15 16:16:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/07/15 16:16:52 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/07/15 16:16:52 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/07/15 16:16:51 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/07/15 16:16:50 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/07/15 16:16:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/07/15 16:16:50 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/07/15 16:16:09 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/07/15 16:16:07 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/07/15 16:14:29 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015/07/15 16:14:29 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015/07/15 16:14:14 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015/07/15 16:14:14 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015/07/15 16:14:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015/07/15 16:13:56 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/07/15 16:13:56 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/07/15 16:13:55 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/07/15 16:13:49 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/07/15 16:13:49 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/07/15 16:13:49 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/07/15 16:13:49 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/07/15 16:13:49 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/07/15 16:13:49 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/07/15 16:13:49 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/07/15 16:13:49 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/07/15 16:13:49 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/07/15 16:13:49 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/07/15 16:13:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/07/15 16:13:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/07/15 16:13:49 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/07/15 16:13:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/07/15 16:13:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/07/15 16:13:26 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/07/15 16:13:25 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/07/15 16:13:25 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/07/15 16:13:24 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/07/15 16:13:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/07/15 16:13:24 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/07/15 16:13:24 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/07/15 16:13:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/07/15 16:13:23 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/07/15 16:13:23 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/07/15 16:13:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/07/15 16:13:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/07/15 16:13:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/07/15 16:13:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/07/15 16:13:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/07/15 16:12:58 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015/07/15 16:12:52 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/07/15 16:12:06 | 003,180,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015/07/15 16:12:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2015/07/15 16:11:24 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015/07/15 16:11:24 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015/07/15 16:11:23 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015/07/15 16:11:23 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015/07/15 16:11:23 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015/07/15 16:11:23 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015/07/15 16:11:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015/07/15 16:11:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015/07/15 16:07:39 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/07/15 16:07:39 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/07/15 16:07:39 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/07/15 16:07:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/07/15 16:07:39 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/07/15 16:07:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/07/15 16:07:39 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/07/15 16:07:38 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/07/15 16:05:36 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/07/15 16:05:36 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/07/15 16:05:36 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/07/15 16:05:36 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/07/15 16:05:36 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/07/15 16:05:36 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/07/15 16:05:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/07/15 16:05:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/08/01 10:10:20 | 548,905,984 | ---- | C] (Boonty ) -- C:\Users\Gilbert\whitehavenmysteries_sv{1038512}.exe
[2013/04/11 10:07:58 | 589,476,992 | ---- | C] (Boonty ) -- C:\Users\Gilbert\darkstrokessinsofthefathers_sv{995944}.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/08/08 10:06:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/08/08 09:44:09 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/08/08 09:40:34 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/08/08 09:40:34 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/08/08 09:33:02 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/08 09:31:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/08/07 17:28:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/08/07 15:57:55 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2015/08/04 19:30:43 | 000,029,137 | ---- | M] () -- C:\Users\Gilbert\Desktop\Kaper.PNG
[2015/08/04 10:23:03 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGILBERT-PC$.job
[2015/08/04 09:37:25 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2015/08/03 17:03:59 | 000,001,880 | ---- | M] () -- C:\Users\Gilbert\Documents\cc_20150803_170351.reg
[2015/08/03 16:59:26 | 000,028,183 | ---- | M] () -- C:\Users\Gilbert\Desktop\Conso EDF.ods
[2015/08/03 16:39:58 | 000,447,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/08/03 16:39:58 | 000,378,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/08/03 16:39:58 | 000,274,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/08/03 16:39:58 | 000,150,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/08/03 16:39:58 | 000,090,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/08/03 16:39:58 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/08/03 16:39:58 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/08/03 16:39:57 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/08/03 16:39:53 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/08/03 16:39:39 | 001,048,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/07/18 12:58:19 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015/07/18 11:40:14 | 000,001,182 | ---- | M] () -- C:\Users\Gilbert\Desktop\ComboFix - Raccourci.lnk
[2015/07/17 17:45:22 | 000,001,072 | ---- | M] () -- C:\Users\Gilbert\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/07/17 17:20:02 | 000,000,484 | ---- | M] () -- C:\Users\Gilbert\Documents\cc_20150717_171957.reg
[2015/07/17 09:28:06 | 000,043,738 | ---- | M] () -- C:\Users\Gilbert\Documents\cc_20150717_092759.reg
[2015/07/17 09:13:45 | 000,999,406 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/07/17 09:13:44 | 000,223,240 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/07/16 10:36:53 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/07/15 17:28:46 | 000,404,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/07/15 16:17:03 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/07/15 16:17:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/07/15 16:17:03 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/07/15 16:17:03 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/07/15 16:17:02 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/07/15 16:17:02 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/07/15 16:17:01 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/07/15 16:17:01 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/07/15 16:17:01 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/07/15 16:17:01 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/07/15 16:16:59 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/07/15 16:16:59 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/07/15 16:16:58 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/07/15 16:16:58 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/07/15 16:16:58 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/07/15 16:16:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/07/15 16:16:57 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/07/15 16:16:57 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/07/15 16:16:57 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/07/15 16:16:56 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/07/15 16:16:56 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/07/15 16:16:55 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/07/15 16:16:54 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/07/15 16:16:54 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/07/15 16:16:54 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/07/15 16:16:54 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/07/15 16:16:53 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/07/15 16:16:52 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/07/15 16:16:52 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/07/15 16:16:52 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/07/15 16:16:50 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/07/15 16:16:50 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/07/15 16:16:10 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/07/15 16:16:08 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/07/15 16:14:30 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015/07/15 16:14:29 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015/07/15 16:14:15 | 001,480,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015/07/15 16:14:15 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015/07/15 16:14:14 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015/07/15 16:13:56 | 005,923,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/07/15 16:13:55 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/07/15 16:13:50 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/07/15 16:13:50 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/07/15 16:13:49 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/07/15 16:13:49 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/07/15 16:13:49 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/07/15 16:13:49 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/07/15 16:13:49 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/07/15 16:13:49 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/07/15 16:13:49 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/07/15 16:13:49 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/07/15 16:13:49 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/07/15 16:13:49 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/07/15 16:13:49 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/07/15 16:13:49 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/07/15 16:13:49 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/07/15 16:13:28 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/07/15 16:13:28 | 001,216,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/07/15 16:13:27 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/07/15 16:13:26 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/07/15 16:13:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/07/15 16:13:26 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/07/15 16:13:25 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/07/15 16:13:25 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/07/15 16:13:25 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/07/15 16:13:25 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/07/15 16:13:25 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/07/15 16:13:25 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/07/15 16:13:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/07/15 16:13:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/07/15 16:13:23 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/07/15 16:12:58 | 002,087,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015/07/15 16:12:52 | 000,404,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/07/15 16:12:07 | 003,180,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015/07/15 16:12:06 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2015/07/15 16:11:24 | 003,242,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015/07/15 16:11:24 | 001,941,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015/07/15 16:11:24 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015/07/15 16:11:23 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015/07/15 16:11:23 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015/07/15 16:11:23 | 000,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015/07/15 16:11:23 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015/07/15 16:11:23 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015/07/15 16:07:39 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/07/15 16:05:36 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/07/15 16:05:36 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/07/15 16:05:36 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/07/15 16:05:36 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/07/15 16:05:36 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/07/15 16:05:36 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/07/15 16:05:36 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/07/15 16:05:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/07/15 16:01:53 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/07/15 16:01:52 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/07/09 19:59:59 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/07/09 19:58:41 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/07/09 19:58:31 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/07/09 19:58:26 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/07/09 19:58:24 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/07/09 19:58:23 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/07/09 19:50:11 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/08/07 15:57:55 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2015/08/04 19:30:42 | 000,029,137 | ---- | C] () -- C:\Users\Gilbert\Desktop\Kaper.PNG
[2015/08/04 09:37:25 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2015/08/03 17:03:57 | 000,001,880 | ---- | C] () -- C:\Users\Gilbert\Documents\cc_20150803_170351.reg
[2015/07/18 11:41:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2015/07/18 11:41:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2015/07/18 11:41:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2015/07/18 11:41:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2015/07/18 11:41:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2015/07/18 11:40:14 | 000,001,182 | ---- | C] () -- C:\Users\Gilbert\Desktop\ComboFix - Raccourci.lnk
[2015/07/17 17:20:00 | 000,000,484 | ---- | C] () -- C:\Users\Gilbert\Documents\cc_20150717_171957.reg
[2015/07/17 09:28:04 | 000,043,738 | ---- | C] () -- C:\Users\Gilbert\Documents\cc_20150717_092759.reg
[2015/02/21 11:45:33 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2015/02/21 11:45:02 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2015/02/20 12:23:07 | 000,000,062 | ---- | C] () -- C:\Users\Gilbert\AppData\Roaming\WB.CFG
[2014/06/18 17:09:26 | 000,000,000 | ---- | C] () -- C:\Users\Gilbert\.y3
[2014/03/24 16:37:15 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/04 11:14:49 | 001,641,184 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/30 17:23:38 | 000,000,251 | ---- | C] () -- C:\Users\Gilbert\profiles.cfg
[2013/10/30 17:23:38 | 000,000,237 | ---- | C] () -- C:\Users\Gilbert\options.cfg
[2013/10/30 17:23:37 | 000,000,352 | ---- | C] () -- C:\Users\Gilbert\ogre.cfg
[2013/09/30 12:02:04 | 000,221,327 | ---- | C] () -- C:\Windows\hpoins30.dat
[2013/09/30 12:02:04 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2013/08/01 10:51:20 | 000,000,260 | ---- | C] () -- C:\Users\Gilbert\1038512.ini
[2013/04/11 10:47:47 | 000,000,258 | ---- | C] () -- C:\Users\Gilbert\995944.ini
[2013/02/28 17:08:16 | 000,923,641 | ---- | C] () -- C:\Users\Gilbert\AppData\Local\census.cache
[2013/02/28 17:07:28 | 000,186,558 | ---- | C] () -- C:\Users\Gilbert\AppData\Local\ars.cache
[2013/02/28 16:48:40 | 000,000,036 | ---- | C] () -- C:\Users\Gilbert\AppData\Local\housecall.guid.cache
[2012/10/02 17:23:57 | 000,000,221 | ---- | C] () -- C:\Users\Gilbert\.swfinfo
[2011/08/25 17:36:26 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011/04/26 11:44:13 | 004,969,834 | ---- | C] () -- C:\Users\Gilbert\Alain Souchon 02 - Les saisons.mp3
[2011/01/21 10:10:09 | 000,001,854 | ---- | C] () -- C:\Users\Gilbert\AppData\Roaming\GhostObjGAFix.xml
[2010/10/16 15:55:36 | 000,010,470 | ---- | C] () -- C:\Users\Gilbert\AppData\Local\slot1.mm1
[2010/07/24 16:11:32 | 000,007,601 | ---- | C] () -- C:\Users\Gilbert\AppData\Local\Resmon.ResmonCfg
[2010/06/17 15:50:11 | 000,000,226 | ---- | C] () -- C:\Users\Gilbert\AppData\Roaming\wklnhst.dat
[2010/02/03 12:13:50 | 000,173,568 | ---- | C] () -- C:\Users\Gilbert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009/12/17 09:25:30 | 000,005,466 | ---- | M] () -- C:\1261038326jtun_streamset.zip
[2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2015/07/18 13:14:43 | 000,042,207 | ---- | M] () -- C:\ComboFix.txt
[2009/08/25 02:07:28 | 000,000,053 | ---- | M] () -- C:\Define.ini
[2014/03/02 11:40:42 | 000,001,058 | ---- | M] () -- C:\DelFix.txt
[2013/10/02 09:35:24 | 000,000,075 | ---- | M] () -- C:\DiskDefrag.log
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2015/04/29 16:15:42 | 000,656,348 | ---- | M] () -- C:\fraglist.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/05/09 16:05:15 | 000,000,186 | ---- | M] () -- C:\hpqlb.log
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:44:20 | 000,075,280 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:44:20 | 000,090,128 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:44:20 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:44:20 | 000,094,224 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:44:20 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:44:20 | 000,078,864 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2009/12/17 10:42:35 | 000,000,693 | ---- | M] () -- C:\ioSpecial.ini
[2009/08/25 02:07:27 | 000,007,254 | ---- | M] () -- C:\lic_1061.txt
[2009/08/25 02:07:27 | 000,007,254 | ---- | M] () -- C:\lic_1062.txt
[2009/08/25 02:07:27 | 000,007,254 | ---- | M] () -- C:\lic_1063.txt
[2008/03/17 18:53:14 | 000,002,500 | ---- | M] () -- C:\modern-header.bmp
[2015/08/08 09:31:06 | 4260,560,896 | -HS- | M] () -- C:\pagefile.sys
[2015/06/22 09:45:29 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2015/08/08 10:06:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/06/26 18:31:10 | 000,012,375 | R--- | M] () -- C:\Pre_Scan_26_06_2015_18_31_10.txt
[2013/03/07 01:32:49 | 006,533,200 | ---- | M] (AVAST Software) -- C:\Program F
[2014/02/03 14:31:51 | 000,010,011 | ---- | M] () -- C:\Shortcut_Module_03_02_2014_13_31_51.txt
[2014/02/03 15:34:27 | 000,003,336 | ---- | M] () -- C:\Shortcut_Module_03_02_2014_14_34_27.txt
[2014/02/04 16:28:01 | 000,003,497 | ---- | M] () -- C:\Shortcut_Module_04_02_2014_15_28_01.txt
[2014/02/04 18:51:39 | 000,003,462 | ---- | M] () -- C:\Shortcut_Module_04_02_2014_17_51_39.txt
[2009/12/17 09:25:08 | 000,008,351 | ---- | M] () -- C:\stream.dat
[2009/12/17 09:25:18 | 000,000,030 | ---- | M] () -- C:\stream.dis
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2011/01/21 10:30:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acronis
[2015/04/18 09:22:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ad Muncher
[2014/10/18 09:48:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/07/25 16:19:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Alawar.fr
[2013/10/03 16:46:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AM-DeadLink
[2015/04/23 17:17:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD APP
[2015/04/23 17:17:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD AVT
[2011/08/31 09:48:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2015/04/23 17:15:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2012/07/25 10:06:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BatteryCare
[2014/09/22 11:18:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Belarc
[2014/11/11 18:00:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\bfgclient
[2011/11/22 11:03:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010/06/22 15:28:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2015/08/03 17:01:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2012/09/22 16:00:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cobian Backup 10
[2015/07/18 12:01:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/10/08 11:23:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ConsumerSoft
[2009/08/20 11:17:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2015/02/20 17:25:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Digital Photo Software
[2014/09/22 12:08:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dukto
[2015/04/21 08:53:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Eusing Free Registry Cleaner
[2012/07/16 09:54:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FACES
[2014/12/08 14:49:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FastStone Image Viewer
[2013/05/04 10:27:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fear for Sale - Le Mystere du Manoir des McInroy
[2015/04/24 16:09:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FileHippo.com
[2010/06/09 16:46:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Audio Pack
[2010/02/04 17:00:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FreeCommander
[2015/06/12 10:23:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Freemake
[2015/08/04 09:38:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Garmin
[2014/12/23 16:55:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Garmin GPS Plugin
[2013/07/11 15:19:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Genius PDF
[2015/01/29 10:25:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glary Utilities
[2013/11/20 10:12:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glary Utilities 3
[2014/06/03 15:57:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glary Utilities 4
[2015/08/08 09:37:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glary Utilities 5
[2014/09/05 10:10:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glarysoft
[2015/06/19 17:26:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2013/03/29 11:40:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2013/03/02 18:19:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\House of 1,000 Doors - La Palme de Zoroastre
[2013/09/30 12:08:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hp
[2010/03/25 17:51:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2011/02/22 17:06:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hugin
[2015/01/22 17:22:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Icecream Image Resizer
[2015/02/06 18:20:34 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/02/25 10:59:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2015/07/15 16:46:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/09/11 16:08:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IrfanView
[2015/04/19 11:35:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2015/07/16 10:46:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/08/24 11:42:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JMicron
[2010/06/17 16:43:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JRE
[2011/06/23 10:52:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KeyScrambler
[2014/02/12 12:27:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kling 2001
[2010/02/27 16:54:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LaCie
[2010/12/13 17:32:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lame MP3 Codec
[2013/03/01 18:31:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LibreOffice 3.4
[2014/11/08 17:46:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LibreOffice 4
[2014/05/15 08:43:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LibreOffice 4.0
[2015/02/21 11:45:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MAGIX
[2015/06/21 10:29:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2010/12/13 17:31:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MarkAny
[2010/09/26 18:38:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MediaCUB
[2013/02/19 17:55:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MediaHuman
[2012/06/13 10:18:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MetaGeek
[2013/04/02 17:23:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Micro Application
[2013/05/28 17:14:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/07/25 10:22:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2009/08/20 10:38:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
[2015/05/15 10:30:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/02/17 17:09:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/09/22 11:22:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/06/25 11:46:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2013/06/17 10:28:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mindscape
[2015/07/17 17:45:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2015/07/18 10:53:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/05/22 10:54:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Thunderbird
[2010/04/28 17:04:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MP3Gain
[2014/12/04 10:34:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MP3jam
[2015/04/25 09:20:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mp3tag
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2012/04/11 09:05:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2013/06/17 10:40:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mystery Case Files - Dire Grove
[2014/02/24 11:07:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Notepad++
[2015/02/20 11:07:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ObviousIdea
[2012/07/13 15:56:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Online Games Manager
[2009/12/16 15:07:46 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2012/07/13 19:50:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenAL
[2014/02/24 11:08:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\orange
[2014/02/20 16:24:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Tools Firewall Plus
[2013/04/28 11:51:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Photo Notifier and Animation Creator
[2012/02/28 17:23:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoFiltre 7
[2010/06/18 09:27:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoMail Maker
[2014/01/22 10:24:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Quicksys
[2014/12/21 18:09:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2014/03/22 17:14:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Rainlendar2
[2014/02/26 18:43:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RealArcade
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2013/06/27 10:05:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Repertoire
[2013/02/15 17:14:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung
[2010/12/30 18:35:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Secunia
[2013/10/03 16:42:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\share
[2012/09/12 10:36:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SlimCleaner
[2013/09/27 16:01:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SlimDrivers
[2015/06/19 16:32:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Soda PDF 7
[2015/04/23 17:40:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Softland
[2011/10/21 15:18:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spamihilator
[2011/08/03 16:28:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Stardock
[2014/02/24 16:56:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
[2015/01/19 17:06:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StreamStudio
[2010/03/29 15:51:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Total Immersion
[2012/07/16 09:16:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trusteer
[2013/05/16 17:40:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TubeMaster++
[2013/02/19 16:24:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubisoft
[2010/03/10 17:49:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UnderCoverXP
[2013/03/20 16:53:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2015/01/21 16:42:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Unlocker
[2015/04/24 09:29:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\USB Safely Remove
[2012/03/13 17:11:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2012/10/22 16:55:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Virtools
[2011/07/04 17:19:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VirtualDJ
[2014/03/24 11:26:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VS Revo Group
[2013/02/03 12:44:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildGames
[2013/03/28 18:13:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent Games
[2013/10/26 11:11:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinDirStat
[2013/07/11 10:46:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2015/06/11 17:38:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Kits
[2012/06/28 09:48:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2012/02/25 16:50:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2015/06/11 11:51:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2012/02/25 16:50:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2012/02/25 16:50:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2013/11/11 17:30:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2012/07/25 15:14:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xirrus
[2010/12/13 17:32:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\XviD
[2014/09/02 09:37:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Zedeo
[2015/06/16 09:17:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ZHPDiag

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color]
[2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=4ABA3E75A76195A3E38ED2766C962899 -- C:\Windows\winsxs\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_ddc3da0b75baa7e0\appmgmts.dll
[2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\winsxs\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_e818845daa1b69db\appmgmts.dll

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110120T103303579420\internal_ide_channel\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110120T103303579420\pci\cc_010601\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110120T141213922415\internal_ide_channel\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110120T141213922415\pci\cc_010601\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110130T082726090228\internal_ide_channel\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110824T090402437014\internal_ide_channel\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2007/05/17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\SysWOW64\hidserv.dll
[2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\winsxs\wow64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_3cf5e466d58070d9\hidserv.dll
[2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\SysNative\hidserv.dll
[2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\winsxs\amd64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_32a13a14a11faede\hidserv.dll

[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T084540279341\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2011/05/20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) MD5=2FDAEC4B02729C48C0FD1B0B4695995B -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120623T143906959802\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20121208T153029985203\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20130426T143524597592\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131201T154626100469\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140117T100555449779\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140710T101405178479\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140710T133838588192\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20141205T143834936978\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Windows\SysNative\drivers\iaStor.sys
[2000/01/01 02:00:00 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_83def68c679d7974\iaStor.sys
[2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111112T105042702189\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111112T141938701837\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2000/01/01 02:00:00 | 000,558,360 | ---- | M] (Intel Corporation) MD5=F981817D0BD03EAC4FA60D0B2551A310 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120903T092103090609\pci\ven_8086&dev_2929&cc_0106\iaStor.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2010/11/20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\erdnt\cache86\imm32.dll
[2010/11/20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\SysWOW64\imm32.dll
[2010/11/20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll
[2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\erdnt\cache64\imm32.dll
[2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\SysNative\imm32.dll
[2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2015/04/27 21:03:36 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=1569F20BB9DB9FDC87A6D3C8A3726ABF -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18839_none_fc27e586a1579c95\kernel32.dll
[2015/04/27 21:23:19 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=1C9F2F4A2C603739BD8CC8C64310AFD7 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18839_none_f1d33b346cf6da9a\kernel32.dll
[2015/04/27 21:17:34 | 001,163,776 | ---- | M] (Microsoft Corporation) MD5=2A782D0DD0C53C8B0A0A2318EBBCEC5D -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23040_none_f248dd9b8624e588\kernel32.dll
[2015/03/17 07:11:40 | 001,164,800 | ---- | M] (Microsoft Corporation) MD5=36F241A637A424A75C98926189115502 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_f2761ddf8602a872\kernel32.dll
[2015/05/25 20:22:03 | 001,163,776 | ---- | M] (Microsoft Corporation) MD5=3A2E4CB43CC4AE0195F686146ADCAD3D -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_f22a6e6b863b6c09\kernel32.dll
[2015/05/25 20:05:29 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=5EA4D6D52DB2679B8F9DE67A7F8BC41A -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_fc7f18bdba9c2e04\kernel32.dll
[2012/11/30 07:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=65C113214F7B05820F6D8A65B1485196 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll
[2015/05/09 05:26:36 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6AA0DD89D7A90033FC3111CC83187C1D -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18847_none_f1c66ab46d00c3dd\kernel32.dll
[2015/05/25 20:19:02 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6FDF03A3B110C5264F52F979335AE301 -- C:\Windows\erdnt\cache64\kernel32.dll
[2015/05/25 20:19:02 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6FDF03A3B110C5264F52F979335AE301 -- C:\Windows\SysNative\kernel32.dll
[2015/05/25 20:19:02 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6FDF03A3B110C5264F52F979335AE301 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_f1b2cb706d0f2e6d\kernel32.dll
[2014/03/04 11:16:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=76161B9D78A275F8F28DD67436013110 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll
[2014/04/12 04:32:01 | 001,164,800 | ---- | M] (Microsoft Corporation) MD5=77BBBF70BCE286CD19E1E68F248363FA -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_f24130b9862a22c7\kernel32.dll
[2013/08/29 04:19:46 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=786D234A90FCAC72633AE6FC52653A49 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_f259cda386173c9c\kernel32.dll
[2010/11/20 15:26:42 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=7A6326D96D53048FDEC542DF23D875A0 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[2015/05/09 05:12:44 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=84433E17027542D333861AB5615DCA2D -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18847_none_fc1b1506a16185d8\kernel32.dll
[2015/03/17 06:56:00 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=99DE8BADC0E85C9AB4A8301A3723FFEA -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_fbe603cea1892dbd\kernel32.dll
[2012/11/30 06:57:47 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9CC2571E3646B9A24296AD7ADCC71682 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[2015/03/17 06:44:40 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9FBA00AA15C45A2F1D26776193E543C1 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_fccac831ba636a6d\kernel32.dll
[2012/11/30 06:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[2012/11/30 07:52:53 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=B3BEA6420D482356E53B7C728E05C637 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
[2015/04/27 20:54:53 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=B4E11856DF2535DF158D32DA7B780FDF -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23040_none_fc9d87edba85a783\kernel32.dll
[2015/05/09 08:05:42 | 001,163,776 | ---- | M] (Microsoft Corporation) MD5=B4E1D3B522A9FD13581A1880A13E68E7 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23049_none_f251e035861cc997\kernel32.dll
[2014/04/12 04:05:53 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=C8C41EBEE097FEB29FB816854D3AD1E7 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll
[2014/03/04 11:44:00 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=D2A513EE880D71BDE7F0257F38B9D019 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_f1f3a3606cde922b\kernel32.dll
[2015/03/17 07:16:34 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=E75074EFBE3C24FBC95C7C1985E08FDE -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_f191597c6d286bc2\kernel32.dll
[2010/11/20 14:08:56 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=E80758CF485DB142FCA1EE03A34EAD05 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
[2013/08/29 03:57:20 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=EE751CBD5D0C332FDF3DF7187B612416 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_fcae77f5ba77fe97\kernel32.dll
[2015/05/25 19:59:51 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=F81920ADB15012CF4E9FF8238C85686A -- C:\Windows\erdnt\cache86\kernel32.dll
[2015/05/25 19:59:51 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=F81920ADB15012CF4E9FF8238C85686A -- C:\Windows\SysWOW64\kernel32.dll
[2015/05/25 19:59:51 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=F81920ADB15012CF4E9FF8238C85686A -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_fc0775c2a16ff068\kernel32.dll
[2015/05/09 07:39:49 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=FE8AA1F56E845C0A36C12D2F83243C4C -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23049_none_fca68a87ba7d8b92\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2010/11/20 15:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2013/09/07 04:04:16 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=6547D445C4B69DC0083B619AC642DF04 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll
[2010/11/20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2013/09/08 04:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\erdnt\cache64\mswsock.dll
[2013/09/08 04:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\SysNative\mswsock.dll
[2013/09/08 04:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll
[2013/09/07 04:24:39 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=BDDB1FD258B92DEE00F222D3304B5D9C -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll
[2013/09/08 04:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\erdnt\cache86\mswsock.dll
[2013/09/08 04:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\SysWOW64\mswsock.dll
[2013/09/08 04:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2010/11/20 15:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2014/01/24 04:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\erdnt\cache64\ntfs.sys
[2014/01/24 04:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\SysNative\drivers\ntfs.sys
[2014/01/24 04:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18378_none_045a363833b85029\ntfs.sys
[2014/01/24 04:40:06 | 001,684,416 | ---- | M] (Microsoft Corporation) MD5=48B6047F82D5A8D0AEC71593F4ACD79B -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22580_none_04d102ad4ce53e53\ntfs.sys
[2011/03/11 08:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011/03/11 08:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2010/11/20 14:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\SysWOW64\proquota.exe
[2010/11/20 14:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_29ce61c2f0a740f4\proquota.exe
[2010/11/20 15:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\SysNative\proquota.exe
[2010/11/20 15:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\winsxs\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_85ecfd46a904b22a\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2010/11/20 15:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\erdnt\cache64\qmgr.dll
[2010/11/20 15:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 15:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\erdnt\cache64\spoolsv.exe
[2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe
[2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[2010/11/20 15:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2012/02/11 08:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2015/06/21 10:29:27 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014/10/22 16:50:40 | 000,518,144 | ---- | M] (SteelWerX) MD5=A46842C9B0C567A5A9584E83A163560C -- C:\Pre_Scan\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2014/10/14 04:13:06 | 000,683,520 | ---- | M] (Microsoft Corporation) MD5=008CD4EBFABCF78D0F19B3778492648C -- C:\Windows\erdnt\cache64\termsrv.dll
[2014/10/14 04:13:06 | 000,683,520 | ---- | M] (Microsoft Corporation) MD5=008CD4EBFABCF78D0F19B3778492648C -- C:\Windows\SysNative\termsrv.dll
[2014/10/14 04:13:06 | 000,683,520 | ---- | M] (Microsoft Corporation) MD5=008CD4EBFABCF78D0F19B3778492648C -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18637_none_ecb2935b6af13c52\termsrv.dll
[2010/11/20 15:27:26 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=2E648163254233755035B46DD7B89123 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll
[2014/07/17 04:07:44 | 000,681,984 | ---- | M] (Microsoft Corporation) MD5=4FC4C50985E5B840F4D72E57286887B8 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18540_none_eca0bf836affa9bb\termsrv.dll
[2014/10/14 04:16:40 | 000,686,592 | ---- | M] (Microsoft Corporation) MD5=6A5B600AD0041E9AF564DE73B716F3D2 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22843_none_ed2d60f8841a8fd8\termsrv.dll
[2014/07/16 05:23:41 | 000,686,080 | ---- | M] (Microsoft Corporation) MD5=F4D7114060C034134A440846F411BB7F -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22750_none_ed1f8e488425629d\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120623T143906959802\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120903T092103090609\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20121208T153029985203\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20130426T143524597592\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131201T154626100469\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140117T100555449779\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140710T101405178479\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140710T133838588192\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20141205T143834936978\storage\volume\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110120T103303579420\storage\volume\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110120T141213922415\storage\volume\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110130T082726090228\storage\volume\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110824T090402437014\storage\volume\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111112T105042702189\storage\volume\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111112T141938701837\storage\volume\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Users\Gilbert\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T084540279341\storage\volume\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2014/02/06 11:24:52 | 002,334,208 | ---- | M] (Microsoft Corporation) MD5=263B6E451526A90FF8B1CEC759F22956 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_e4343655b6ea4626\wininet.dll
[2014/06/19 00:58:27 | 002,266,112 | ---- | M] (Microsoft Corporation) MD5=2EE102DF0EDD8A1EDD3D1E9B99A91BEC -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_e453be7db6d2bc82\wininet.dll
[2015/02/20 03:28:25 | 002,358,784 | ---- | M] (Microsoft Corporation) MD5=36F99BD8A0F09BDBB7850A138845A014 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17691_none_e4320a17b6ea768f\wininet.dll
[2014/08/18 23:15:13 | 002,310,656 | ---- | M] (Microsoft Corporation) MD5=39EBB9708453036A74C30C9A294023FF -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_e45c6045b6cad3d3\wininet.dll
[2014/05/30 09:56:56 | 002,266,112 | ---- | M] (Microsoft Corporation) MD5=40BFD9D6EC8E174145F012246CA73CCD -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_e460a5c5b6c8b99e\wininet.dll
[2015/05/22 19:50:20 | 002,426,880 | ---- | M] (Microsoft Corporation) MD5=417F80E4AFBA1AA9EBBD618F1C6D9165 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17843_none_e4173b3db6ff6300\wininet.dll
[2010/11/20 14:21:36 | 000,980,992 | ---- | M] (Microsoft Corporation) MD5=44214C94911C7CFB1D52CB64D5E8368D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
[2014/11/22 03:28:21 | 002,358,272 | ---- | M] (Microsoft Corporation) MD5=4AF089160FE082E5EA5C4AA72782DCA2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17501_none_e433d769b6ea768f\wininet.dll
[2014/11/22 03:00:20 | 001,888,256 | ---- | M] (Microsoft Corporation) MD5=5E4E0E43E0A5BF9F089696DFA7A3D677 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17501_none_88153be5fe8d0559\wininet.dll
[2015/07/15 16:16:54 | 001,951,232 | ---- | M] (Microsoft Corporation) MD5=63B01F72FD727D5736DBEF54174D8F93 -- C:\Windows\erdnt\cache86\wininet.dll
[2015/07/15 16:16:54 | 001,951,232 | ---- | M] (Microsoft Corporation) MD5=63B01F72FD727D5736DBEF54174D8F93 -- C:\Windows\SysWOW64\wininet.dll
[2015/07/15 16:16:54 | 001,951,232 | ---- | M] (Microsoft Corporation) MD5=63B01F72FD727D5736DBEF54174D8F93 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17914_none_87eab827feacdb57\wininet.dll
[2014/11/06 03:52:35 | 001,892,864 | ---- | M] (Microsoft Corporation) MD5=6DD7D61A8EF3DFEC4FAEFEB395E77424 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_8822232dfe830275\wininet.dll
[2014/11/06 04:17:24 | 002,365,440 | ---- | M] (Microsoft Corporation) MD5=6FC2819A4F80AAB2DADEDFC1EFEE3C3F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_e440beb1b6e073ab\wininet.dll
[2014/05/30 09:21:10 | 001,790,976 | ---- | M] (Microsoft Corporation) MD5=771CDBC3D62437D6DB070820BB1EDCCF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_88420a41fe6b4868\wininet.dll
[2015/03/13 04:45:57 | 002,358,784 | ---- | M] (Microsoft Corporation) MD5=77B35D0FC22A2D2EAC8D07C3F9784DBF -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17728_none_e41f98adb6f99486\wininet.dll
[2014/09/19 01:59:11 | 001,810,944 | ---- | M] (Microsoft Corporation) MD5=7AE80F921027CF88CB9D0433088A3E55 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_882f3db7fe78ff91\wininet.dll
[2014/07/25 12:52:06 | 002,266,624 | ---- | M] (Microsoft Corporation) MD5=8E71A5CB5312B8392D4DA4CA37BB5868 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_e45691cbb6d03bc9\wininet.dll
[2013/11/26 08:33:33 | 001,820,160 | ---- | M] (Microsoft Corporation) MD5=927FA6456AD6D7630F6854828D2FD16B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_88269a09fe7f1dc7\wininet.dll
[2013/11/26 09:07:57 | 002,334,208 | ---- | M] (Microsoft Corporation) MD5=9B6678DB9C6A232C5A84D2FDFFF8B0E1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_e445358db6dc8efd\wininet.dll
[2014/02/06 10:41:35 | 001,820,160 | ---- | M] (Microsoft Corporation) MD5=9C89246184979A070B0C6CCF61C68136 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_88159ad1fe8cd4f0\wininet.dll
[2014/09/19 02:33:18 | 002,309,632 | ---- | M] (Microsoft Corporation) MD5=9D98D4F390F0B14A782F3B931E613A1A -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_e44dd93bb6d670c7\wininet.dll
[2015/01/12 03:27:32 | 002,358,272 | ---- | M] (Microsoft Corporation) MD5=9DFE41A69DF70AAB75CB5BA8C1109EA2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17633_none_e42bdacbb6f011c7\wininet.dll
[2014/03/01 04:32:16 | 001,820,160 | ---- | M] (Microsoft Corporation) MD5=AAFEAB4FC9D70253F8C7E353E879E8A2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_88173a93fe8b3ae0\wininet.dll
[2014/01/28 09:54:35 | 001,818,112 | ---- | M] (Microsoft Corporation) MD5=B5EB5BD3066959611E1F7A80FD6CC172 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll
[2014/07/25 12:05:23 | 001,792,512 | ---- | M] (Microsoft Corporation) MD5=B945BAA81B4805AD6BDDF4D026DCFB47 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_8837f647fe72ca93\wininet.dll
[2015/03/13 04:20:28 | 001,888,256 | ---- | M] (Microsoft Corporation) MD5=C46904F2E9E121A91DDDABB48D7648C3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17728_none_8800fd29fe9c2350\wininet.dll
[2015/04/21 17:02:00 | 001,882,112 | ---- | M] (Microsoft Corporation) MD5=CB5F450D21B9D76B7F01D006E4AEDB40 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17801_none_87f4cc21fea5592c\wininet.dll
[2014/06/19 00:13:59 | 001,791,488 | ---- | M] (Microsoft Corporation) MD5=CCC198257901BEEA2FBF8EB1E7678356 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_883522f9fe754b4c\wininet.dll
[2014/08/18 22:46:48 | 001,812,992 | ---- | M] (Microsoft Corporation) MD5=D58988722C72D265B51A54103DFC2C6F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_883dc4c1fe6d629d\wininet.dll
[2014/03/01 05:10:28 | 002,334,208 | ---- | M] (Microsoft Corporation) MD5=DF79CE9B950C62677D232154E93A81C7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_e435d617b6e8ac16\wininet.dll
[2015/07/15 16:16:51 | 002,427,392 | ---- | M] (Microsoft Corporation) MD5=E066FDC3A2074D926903B8C31EF3B347 -- C:\Windows\erdnt\cache64\wininet.dll
[2015/07/15 16:16:51 | 002,427,392 | ---- | M] (Microsoft Corporation) MD5=E066FDC3A2074D926903B8C31EF3B347 -- C:\Windows\SysNative\wininet.dll
[2015/07/15 16:16:51 | 002,427,392 | ---- | M] (Microsoft Corporation) MD5=E066FDC3A2074D926903B8C31EF3B347 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17914_none_e40953abb70a4c8d\wininet.dll
[2014/03/06 07:41:49 | 001,789,440 | ---- | M] (Microsoft Corporation) MD5=E4E829EE073E046B0EB19B5FECB19B8C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_884f4ca9fe60df00\wininet.dll
[2015/05/23 04:20:35 | 001,950,720 | ---- | M] (Microsoft Corporation) MD5=E4EB138060BAE0DBAB1A3B71A3141FE7 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17843_none_87f89fb9fea1f1ca\wininet.dll
[2014/01/28 09:54:31 | 002,332,160 | ---- | M] (Microsoft Corporation) MD5=E6CB36B85BE59095337427E853A5B65A -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_e440068bb6e1438c\wininet.dll
[2015/02/20 03:01:25 | 001,888,256 | ---- | M] (Microsoft Corporation) MD5=EA6EA6912F27F05C61D8D747517EB47E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17691_none_88136e93fe8d0559\wininet.dll
[2015/04/21 17:27:25 | 002,352,128 | ---- | M] (Microsoft Corporation) MD5=F0289B3A341429117696F0279DA977B6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17801_none_e41367a5b702ca62\wininet.dll
[2014/03/06 08:22:40 | 002,260,480 | ---- | M] (Microsoft Corporation) MD5=F220BA78AB542C70211D73AE4729B2CD -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_e46de82db6be5036\wininet.dll
[2015/01/12 03:00:17 | 001,888,256 | ---- | M] (Microsoft Corporation) MD5=F285D499EC42969D963CA49EADA63218 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17633_none_880d3f47fe92a091\wininet.dll
[2010/11/20 15:27:28 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=F6C5302E1F4813D552F41A0AC82455E5 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\erdnt\cache64\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\erdnt\cache86\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WININIT.INI >[/color]
[2012/09/18 13:28:56 | 000,005,664 | ---- | M] () MD5=495123A38A398DA37C8DEECCA43B62BA -- C:\Windows\wininit.ini

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2015/06/21 10:29:30 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2015/06/21 10:29:30 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2015/08/03 17:41:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-590695166-95238818-3074260695-1001\$I0ZNDBW.pdf
[2015/08/05 10:44:04 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-590695166-95238818-3074260695-1001\$I2MFGYU.PNG
[2015/08/03 17:41:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-590695166-95238818-3074260695-1001\$I9U3NU6.pdf
[2015/08/03 17:41:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-590695166-95238818-3074260695-1001\$IB56I1E.exe
[2015/08/03 17:41:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-590695166-95238818-3074260695-1001\$IOOD24V.lnk
[2015/08/05 10:43:57 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-590695166-95238818-3074260695-1001\$IRD13BT.PNG
[2015/07/18 12:58:36 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-590695166-95238818-3074260695-1001\desktop.ini

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17914_none_87eab827feacdb57\wininet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17914_none_e40953abb70a4c8d\wininet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wuwebv.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wups.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wudriver.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wuapp.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wuapi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wintrust.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wininet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wdigest.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\vbscript.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\urlmon.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\tspkg.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\sspicli.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\secur32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\schannel.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\rpcrt4.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ole32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ncrypt.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msv1_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msrating.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msobjs.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msimsg.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msihnd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msiexec.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mshtmlmedia.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mshtmled.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\MshtmlDac.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mshtml.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msfeeds.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msaudite.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\lpk.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\kerberos.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\jsproxy.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\jscript9diag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\jscript9.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\jscript.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\JavaScriptCollectionAgent.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\inetcpl.cpl:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieUnatt.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieui.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iesetup.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iertutil.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iernonce.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieframe.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieetwproxystub.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iedkcs32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieapfltr.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\gdi32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\fontsub.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\FlashPlayerApp.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\dxtrans.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\dxtmsft.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\dciman32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cryptsvc.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cryptnet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cryptbase.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\crypt32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\credssp.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cewmdm.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\authui.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\auditpol.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\atmlib.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\atmfd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\adtschema.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\wuwebv.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\wups.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\wudriver.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\wuapi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\wintrust.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\wininet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\wdigest.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\vbscript.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\urlmon.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\TSpkg.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\sspicli.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\secur32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\schannel.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\rpcrt4.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ole32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ncrypt.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msv1_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msrating.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msobjs.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msimsg.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msihnd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\mshtmled.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\MshtmlDac.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\mshtml.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msfeeds.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\msaudite.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\lpk.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\kerberos.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\jsproxy.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\jscript9diag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\jscript9.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\jscript.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ieui.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\iesetup.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\iertutil.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\iernonce.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ieframe.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\iedkcs32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\ieapfltr.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\gdi32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\fontsub.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\dxtrans.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\dxtmsft.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\dciman32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\cryptsvc.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\cryptnet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\cryptbase.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\crypt32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\credssp.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\cewmdm.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\authui.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\atmlib.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\atmfd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\system32\adtschema.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\erdnt\cache86\wininet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\erdnt\cache64\wininet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\Gilbert\Desktop\Pre_Scan.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Pre_Scan\svchost.exe:$CmdTcID
@Alternate Data Stream - 26 bytes -> C:\Users\Gilbert\Desktop\Pre_Scan.exe:$CmdZnID

< End of report >
