Pantouflar

  1. The problem seems to be gone. I'll wait a few days before marking this as Resolved. Thanks again for your help.
  2. Thanks a lot.
  3. Yes, I understood that it was the volume that crashed the page, which is why I hosted the large report. Thanks in advance for the rest of the help.
  4. Hello. Apparently page 2 of the old topic crashed. So here are the results of the scan. OTL logfile (OTL.txt) And the second one: OTL Extras logfile Thanks again.
  5. Thanks a lot.
[2009/08/12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009/07/07 19:49:20 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe -- (D_Link_DWA-125_WPS) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012/02/15 22:53:34 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2011/12/01 17:55:27 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2011/12/01 17:55:27 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:[b]64bit:[/b] - [2011/10/27 13:05:28 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:[b]64bit:[/b] - [2011/08/22 16:07:58 | 000,062,064 | ---- | M] (VMware, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:[b]64bit:[/b] - [2011/08/22 16:06:14 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:[b]64bit:[/b] - [2011/08/22 14:12:26 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:[b]64bit:[/b] - [2011/08/22 14:12:26 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:[b]64bit:[/b] - [2011/08/21 22:11:26 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:[b]64bit:[/b] - [2011/08/08 13:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:[b]64bit:[/b] - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011/07/21 19:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64) DRV:[b]64bit:[/b] - [2011/07/08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011/05/18 16:57:32 | 000,041,256 | ---- | M] (SeriousBit) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (Nbdrv) DRV:[b]64bit:[/b] - [2011/04/26 10:21:06 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2011/04/10 11:19:33 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011/03/21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT) DRV:[b]64bit:[/b] - [2011/03/21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/10/29 15:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2010/09/25 23:06:21 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010/08/24 18:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2010/08/24 18:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2010/08/24 18:28:58 | 000,074,320 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:[b]64bit:[/b] - [2010/06/25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:[b]64bit:[/b] - [2010/04/16 20:24:34 | 000,027,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID) DRV:[b]64bit:[/b] - [2010/04/05 23:37:42 | 000,301,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R) DRV:[b]64bit:[/b] - [2010/03/23 23:47:26 | 000,034,472 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iqvw64e.sys -- (NAL) DRV:[b]64bit:[/b] - [2010/01/27 15:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2009/11/18 07:21:18 | 006,171,136 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009/09/30 02:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009/09/15 14:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvoclk64.sys -- (nvoclk64) DRV:[b]64bit:[/b] - [2009/09/15 12:36:48 | 001,061,888 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Dnetr28ux.sys -- (netr28ux) DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/19 23:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009/06/02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:[b]64bit:[/b] - [2009/06/02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:[b]64bit:[/b] - [2009/06/02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009/05/06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:[b]64bit:[/b] - [2009/05/06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:[b]64bit:[/b] - [2009/03/06 18:10:10 | 000,015,872 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\anodlwfx.sys -- (anodlwf) DRV - [2011/03/18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2009/12/18 09:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2002/07/17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (Aspi32) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q]http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q[/url] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet 
Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q]http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q]http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q]http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - 
HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q]http://homepage.acer.com/rdr.aspx?b=ACAW&l=100c&m=aspire_m5810&r=17360610qn16973258l55qd9j3934q[/url] IE - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] IE - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-4057456930-615517595-1230037521-1005\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.startup.homepage: "http://freakylinks.info/643" FF - prefs.js..network.proxy.http: "84.246.229.102" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.type: 0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - 
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\x64\nphardwaredetection.dll (Cybelsoft) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ANONYMOUS\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ANONYMOUS\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/18 22:21:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/18 22:21:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/16 04:17:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/16 04:17:41 | 000,000,000 | ---D | M] [2012/02/08 12:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Extensions [2010/07/04 19:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Extensions\[email protected] [2012/01/16 08:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Firefox\Profiles\y6dert9v.default\extensions [2011/01/21 22:38:52 | 000,000,000 | ---D | M] (TradeManager-Plugin) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Firefox\Profiles\y6dert9v.default\extensions\{4D144BC3-23FB-47de-90C5-63CCB0139CCF} [2010/07/08 21:14:14 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Firefox\Profiles\y6dert9v.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947} [2011/11/02 23:00:01 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Firefox\Profiles\y6dert9v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012/01/16 08:35:30 | 
000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Firefox\Profiles\y6dert9v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010/12/16 01:03:32 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Firefox\Profiles\y6dert9v.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593} [2010/10/27 20:28:14 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\ANONYMOUS\AppData\Roaming\mozilla\Firefox\Profiles\y6dert9v.default\extensions\[email protected] [2011/04/10 11:19:21 | 000,002,055 | ---- | M] () -- C:\Users\ANONYMOUS\AppData\Roaming\Mozilla\Firefox\Profiles\y6dert9v.default\searchplugins\daemon-search.xml [2010/08/12 09:21:06 | 000,002,510 | ---- | M] () -- C:\Users\ANONYMOUS\AppData\Roaming\Mozilla\Firefox\Profiles\y6dert9v.default\searchplugins\ShareazaWebSearch.xml [2012/02/16 04:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/02/16 04:14:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} () (No name found) 
-- C:\USERS\ANONYMOUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y6DERT9V.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI [2012/02/08 21:13:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2012/01/03 14:10:44 | 000,182,672 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012/02/16 04:17:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012/02/16 04:17:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012/02/16 04:17:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012/02/16 04:17:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012/02/16 04:17:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012/02/16 04:17:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012/02/16 04:17:41 | 000,159,744 | ---- | M] (Apple Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012/02/08 18:12:58 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml [2012/02/08 18:12:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/02/08 18:12:58 | 000,001,131 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml [2012/02/08 18:12:58 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2010/08/12 09:21:06 | 000,002,510 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ShareazaWebSearch.xml [2012/02/08 18:12:58 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml [2012/02/08 18:12:58 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml [2012/02/08 18:12:58 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\Application\17.0.963.46\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = 
internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\Application\17.0.963.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\Application\17.0.963.46\pdf.dll CHR - plugin: FireShot Chrome Plugin (Enabled) = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\legfpnnmhhnhjgekmmbkilmijnjoehne\0.92_0\plugin/npfireshot.dll CHR - plugin: FireShot Chrome Plugin (Enabled) = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\legfpnnmhhnhjgekmmbkilmijnjoehne\0.92_0\plugin/npfshtml.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\ANONYMOUS\AppData\Roaming\Mozilla\plugins\np-mswmp.dll CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX 
Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.4_0\ CHR - Extension: Proxy Switchy! 
= C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj\1.6.3_0\ CHR - Extension: Recherche Google = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\ CHR - Extension: Flag for Chrome = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\ CHR - Extension: Easy Youtube Video Downloader = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmknocfkgffdgekmfonabppnhdgmghem\4.1_0\ CHR - Extension: Fast YouTube Search = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggkljdkflooidjlkahdnfgodflkelkai\1.2_0\ CHR - Extension: AdBlock = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.15_0\ CHR - Extension: Click to change the icon's color = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\legfpnnmhhnhjgekmmbkilmijnjoehne\0.92_0\ CHR - Extension: Real-Debrid Plugin = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngegibkgkldpcmicobbbehhdkjcmfgfa\1.6.5_0\ CHR - Extension: Speed Dial FR = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaoimflnogfibgpdkcegkdifgmnpjbo\2.0\ CHR - Extension: Gmail = C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF 
Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (NXIECatcher Class) - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files (x86)\Xi\NetXfer\NXIEHelper.dll (Xi) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\ShareazaMediabarDx.dll () O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (NetXfer) - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files (x86)\Xi\NetXfer\NXToolBar.dll (Xi) O3 - HKLM\..\Toolbar: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\ShareazaMediabarDx.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3:[b]64bit:[/b] - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [D-Link D-Link DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe (D-Link Corp.) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) 
O4 - HKLM..\Run: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe (Wireless Service) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000..\Run: [eophoto] C:\Program Files (x86)\quart.vbs () O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000..\Run: [F.lux] C:\Users\ANONYMOUS\Local Settings\Apps\F.lux\flux.exe () O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000..\Run: [Google Update] C:\Users\ANONYMOUS\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000..\Run: [skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) 
O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1005..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [NSIS.Library.RegTool.v3] C:\Program Files (x86)\FileZilla FTP Client\NSIS.Library.RegTool.v3.{F567C7AD-58BA-4E99-8E05-F10E22051503}.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-4057456930-615517595-1230037521-1005..\RunOnce: [scrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - 
HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1 O7 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnailsOnNetworkFolders = 1 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ANONYMOUS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:[b]64bit:[/b] - Extra context menu item: Télécharger en Utilisant &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ANONYMOUS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Télécharger en Utilisant &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm () O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. 
File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - 
Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - 
Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) 
O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\..Trusted Domains: dainrauscher.com ([]https in Local intranet) O15 - HKU\S-1-5-21-4057456930-615517595-1230037521-1000\..Trusted Domains: rbcdain.com ([]https in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url=http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab]http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab[/url] (Java Plug-in 10.3.0) O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} [url=http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab]http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab[/url] (Java Plug-in 1.7.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url=http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab]http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab[/url] (Java Plug-in 1.7.0_03) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} [url=http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/url] (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url=http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab]http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab[/url] (Java Plug-in 10.3.0) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} [url=http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx]http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx[/url] (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [url=http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/url] (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} [url=http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab]http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab[/url] (Java Plug-in 1.7.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url=http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab]http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab[/url] (Java Plug-in 1.7.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.230.1.39 194.230.1.103 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3}: DhcpNameServer = 194.230.1.39 194.230.1.103 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B108EB49-2193-43D2-AD49-91D1FBE45651}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft 
Corporation) O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft 
Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll 
(Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - 
(explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - 
MountPoints2\{ad736f35-635b-11e0-9d4c-90fba62e6b15}\Shell - "" = AutoRun O33 - MountPoints2\{ad736f35-635b-11e0-9d4c-90fba62e6b15}\Shell\AutoRun\command - "" = F:\start.exe /checksection O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Status Monitor.lnk - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe - (Brother Industries, Ltd.) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Connection Manager.lnk - - File not found MsConfig:64bit - StartUpFolder: C:^Users^ANONYMOUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Bitcoin.lnk - C:\Program Files (x86)\Bitcoin\bitcoin.exe - () MsConfig:64bit - StartUpFolder: C:^Users^ANONYMOUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - - File not found MsConfig:64bit - StartUpFolder: C:^Users^ANONYMOUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk - C:\Program Files (x86)\LimeWire\LimeWire.exe - (Lime Wire, LLC) MsConfig:64bit - StartUpFolder: C:^Users^ANONYMOUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - () MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems 
Incorporated) MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]ArcadeDeluxeAgent[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]avgnt[/b] - hkey= - key= - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) MsConfig:64bit - StartUpReg: [b]BackupManagerTray[/b] - hkey= - key= - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) MsConfig:64bit - StartUpReg: [b]BrMfcWnd[/b] - hkey= - key= - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) MsConfig:64bit - StartUpReg: [b]CachemanTray[/b] - hkey= - key= - C:\Program Files (x86)\Cacheman\CachemanTray.exe (Outertech) MsConfig:64bit - StartUpReg: [b]ControlCenter3[/b] - hkey= - key= - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) MsConfig:64bit - StartUpReg: [b]D-Link D-Link DWA-125[/b] - hkey= - key= - C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe (D-Link Corp.) MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: [b]DivX Download Manager[/b] - hkey= - key= - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) MsConfig:64bit - StartUpReg: [b]DivXUpdate[/b] - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MsConfig:64bit - StartUpReg: [b]EgisTecLiveUpdate[/b] - hkey= - key= - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) 
MsConfig:64bit - StartUpReg: [b]Global Registration[/b] - hkey= - key= - C:\Program Files (x86)\Acer\Registration\GREG.exe (Acer Incorporated) MsConfig:64bit - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\ANONYMOUS\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: [b]googletalk[/b] - hkey= - key= - C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google) MsConfig:64bit - StartUpReg: [b]Hotkey Utility[/b] - hkey= - key= - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () MsConfig:64bit - StartUpReg: [b]IAAnotif[/b] - hkey= - key= - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) MsConfig:64bit - StartUpReg: [b]Invisible Secrets 4[/b] - hkey= - key= - C:\Program Files (x86)\Invisible Secrets 4\invtray.exe () MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]JMB36X IDE Setup[/b] - hkey= - key= - C:\Windows\RaidTool\xInsIDE.exe () MsConfig:64bit - StartUpReg: [b]Malwarebytes' Anti-Malware[/b] - hkey= - key= - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) MsConfig:64bit - StartUpReg: [b]Messenger (Yahoo!)[/b] - hkey= - key= - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) MsConfig:64bit - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b]mwlDaemon[/b] - hkey= - key= - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) 
MsConfig:64bit - StartUpReg: [b]NortonOnlineBackupReminder[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]PlayMovie[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]PLD_FrameworkRun[/b] - hkey= - key= - C:\Windows\SysNative\OEM\setEvent.exe () MsConfig:64bit - StartUpReg: [b]PlusService[/b] - hkey= - key= - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - StartUpReg: [b]Skytel[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.) MsConfig:64bit - StartUpReg: [b]StartCCC[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]Steam[/b] - hkey= - key= - c:\program files (x86)\steam\steam.exe (Valve Corporation) MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: [b]VoipCheapCom[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]WZCSLDR2[/b] - hkey= - key= - C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe (Wireless Service) MsConfig:64bit - State: "startup" - Reg Error: Key error. 
ActiveX:[b]64bit:[/b] 
{08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:[b]64bit:[/b] 
{FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4 ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:[b]64bit:[/b] VIDC.FPS1 - frapsv64.dll (Beepa P/L) Drivers32:[b]64bit:[/b] VIDC.XFR1 - xfcodec64.dll () Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS [url=http://hp.vector.co.jp/authors/VA012897/)]http://hp.vector.co.jp/authors/VA012897/)[/url] Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software) Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L) Drivers32: vidc.mjpg - C:\Windows\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation) Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.) 
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll () Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll () Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/02/16 04:25:51 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/02/16 04:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/02/16 04:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012/02/16 04:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/02/16 04:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012/02/16 04:24:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012/02/16 04:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/02/16 04:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/02/16 04:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/02/16 04:20:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012/02/16 04:20:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/02/16 04:20:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/02/16 04:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012/02/16 04:17:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2012/02/16 04:16:27 | 000,750,488 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll [2012/02/16 04:16:27 | 000,264,584 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012/02/16 04:16:27 | 000,188,808 | ---- | C] (Oracle Corporation) -- 
C:\Windows\SysNative\javaw.exe [2012/02/16 04:16:27 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012/02/16 04:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/02/16 04:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/02/16 04:15:46 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2012/02/16 04:12:12 | 000,317,032 | ---- | C] (www.patchmypc.net) -- C:\Users\ANONYMOUS\Desktop\PatchMyPC.exe [2012/02/16 04:10:00 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\ANONYMOUS\Desktop\OTL.exe [2012/02/15 14:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SEAF [2012/02/14 03:31:19 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Desktop\JPII [2012/02/11 05:06:51 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Desktop\Montre LED [2012/02/03 17:13:10 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Desktop\Compte Vins [2012/02/03 17:12:55 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Desktop\Amazon [2012/01/30 01:08:05 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Desktop\ares_3.0 [2012/01/26 03:36:12 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Documents\hidownload [2012/01/26 03:35:58 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2012/01/26 03:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar [2012/01/26 03:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StreamingStar [2012/01/25 03:22:17 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Documents\MAGIX [2012/01/25 03:16:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX_Music_Maker_MX [2012/01/23 02:45:42 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Desktop\hjsplit [2012/01/22 05:24:13 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\AppData\Roaming\GrabIt [2012/01/22 05:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt [2012/01/22 
05:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GrabIt [2012/01/18 10:09:07 | 000,000,000 | ---D | C] -- C:\Users\ANONYMOUS\Desktop\ttc [2012/01/17 16:35:12 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012/01/17 16:35:12 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012/01/17 16:35:12 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012/01/17 16:35:12 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012/01/17 16:35:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012/01/17 16:35:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2009/10/12 23:29:57 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/02/16 04:31:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/02/16 04:27:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4057456930-615517595-1230037521-1000UA.job [2012/02/16 04:25:52 | 000,001,923 | ---- | M] () -- C:\ANONYMOUS-PC.rtf [2012/02/16 04:20:38 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/02/16 04:17:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/02/16 04:16:24 | 000,750,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll [2012/02/16 04:16:24 | 000,660,368 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012/02/16 04:16:24 | 000,264,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012/02/16 04:16:24 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012/02/16 04:16:24 | 
000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012/02/16 04:15:42 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2012/02/16 04:15:42 | 000,567,696 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012/02/16 04:15:42 | 000,224,136 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/02/16 04:15:42 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/02/16 04:15:42 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/02/16 04:14:10 | 000,002,048 | ---- | M] () -- C:\Users\ANONYMOUS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012/02/16 04:13:03 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/02/16 04:12:14 | 000,317,032 | ---- | M] (www.patchmypc.net) -- C:\Users\ANONYMOUS\Desktop\PatchMyPC.exe [2012/02/16 04:10:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\ANONYMOUS\Desktop\OTL.exe [2012/02/16 03:06:11 | 001,700,228 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/02/16 03:06:11 | 000,750,746 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2012/02/16 03:06:11 | 000,657,776 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/02/16 03:06:11 | 000,150,912 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2012/02/16 03:06:11 | 000,123,174 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/02/16 00:40:27 | 000,010,752 | ---- | M] () -- C:\Users\ANONYMOUS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/02/16 00:34:38 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4057456930-615517595-1230037521-1000Core.job [2012/02/16 00:17:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/02/15 22:53:34 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys 
[2012/02/15 17:13:26 | 000,003,284 | ---- | M] () -- C:\Windows\SysWow64\ANIWZCS{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3} [2012/02/15 17:13:26 | 000,003,284 | ---- | M] () -- C:\Users\ANONYMOUS\AppData\Roaming\ANIWZCS{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3} [2012/02/15 17:13:06 | 000,000,010 | ---- | M] () -- C:\Windows\SysWow64\ANIWZCSUSERNAME{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3} [2012/02/15 14:03:48 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/02/15 14:03:48 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/02/15 13:55:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/02/15 13:55:04 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys [2012/02/14 16:08:37 | 000,122,904 | ---- | M] () -- C:\Users\ANONYMOUS\Desktop\Simple H1 manual trade.pdf [2012/02/14 12:28:54 | 000,000,008 | ---- | M] () -- C:\Windows\SysWow64\ANIWZCSUSERNAME [2012/02/13 14:47:28 | 000,189,757 | ---- | M] () -- C:\Users\ANONYMOUS\Desktop\2575516_700b.jpg [2012/02/11 18:47:49 | 000,280,976 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012/02/11 18:47:49 | 000,280,976 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/02/11 18:37:53 | 000,280,976 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012/01/30 13:27:54 | 000,000,028 | ---- | M] () -- C:\Windows\Robota.INI [2012/01/29 14:26:00 | 000,285,269 | ---- | M] () -- C:\Users\ANONYMOUS\AppData\Local\TempPath.jpg [2012/01/26 17:47:50 | 000,211,017 | ---- | M] () -- C:\Users\ANONYMOUS\Desktop\Télécharger.pdf [2012/01/25 11:01:02 | 000,536,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/01/25 03:20:26 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker MX.lnk [2012/01/20 20:03:54 | 000,000,000 | ---- | M] () -- C:\Windows\stfile [2012/01/20 20:02:30 | 000,005,792 | RH-- | M] () -- C:\Program Files (x86)\quart.vbs 
[2012/01/18 13:27:25 | 001,988,257 | ---- | M] () -- C:\Users\ANONYMOUS\Desktop\track2.mp3
[2012/01/18 13:26:59 | 000,020,190 | ---- | M] () -- C:\Users\ANONYMOUS\Desktop\track.aup
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/02/16 04:31:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/02/16 04:25:52 | 000,001,923 | ---- | C] () -- C:\ANONYMOUS-PC.rtf
[2012/02/16 04:20:38 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/02/14 16:08:36 | 000,122,904 | ---- | C] () -- C:\Users\ANONYMOUS\Desktop\Simple H1 manual trade.pdf
[2012/02/13 14:43:42 | 000,189,757 | ---- | C] () -- C:\Users\ANONYMOUS\Desktop\2575516_700b.jpg
[2012/02/11 01:55:52 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\ANIWZCSUSERNAME
[2012/01/29 22:52:53 | 000,285,269 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Local\TempPath.jpg
[2012/01/26 17:47:49 | 000,211,017 | ---- | C] () -- C:\Users\ANONYMOUS\Desktop\Télécharger.pdf
[2012/01/25 03:20:26 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker MX.lnk
[2012/01/23 15:37:25 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/01/20 20:02:36 | 000,000,000 | ---- | C] () -- C:\Windows\stfile
[2012/01/20 20:02:30 | 000,005,792 | RH-- | C] () -- C:\Program Files (x86)\quart.vbs
[2012/01/18 13:27:19 | 001,988,257 | ---- | C] () -- C:\Users\ANONYMOUS\Desktop\track2.mp3
[2012/01/18 03:51:41 | 667,072,651 | ---- | C] () -- C:\Users\ANONYMOUS\Desktop\Change Phenomena - DVD3.mp4
[2012/01/14 21:59:50 | 000,249,679 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Local\Tempscreen1.jpg
[2012/01/14 21:59:50 | 000,138,569 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Local\Tempscreen2.jpg
[2012/01/14 21:59:50 | 000,135,727 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Local\Tempscreen3.jpg
[2011/12/26 16:28:31 | 000,175,892 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/10/13 21:29:40 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/10/10 21:21:43 | 000,010,752 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/16 18:01:14 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/05/14 23:02:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\winlogon.exe
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/28 22:47:49 | 000,000,088 | ---- | C] () -- C:\Windows\terminal.INI
[2011/03/28 22:47:31 | 000,635,392 | ---- | C] () -- C:\Windows\SysWow64\authorize.dll
[2011/03/22 22:56:29 | 000,000,253 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Roaming\ANICONFIG_{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3}.ini
[2011/03/22 22:55:38 | 000,003,284 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Roaming\ANIWZCS{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3}
[2011/03/22 22:54:35 | 000,302,080 | ---- | C] () -- C:\Windows\lwd.exe
[2011/03/19 02:24:17 | 000,280,976 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/19 02:24:16 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/02/23 20:16:05 | 000,000,253 | ---- | C] () -- C:\Windows\hpwmdl19.dat.temp
[2011/02/23 20:11:43 | 000,194,949 | ---- | C] () -- C:\Windows\hpwins19.dat
[2011/02/23 20:11:43 | 000,000,253 | ---- | C] () -- C:\Windows\hpwmdl19.dat
[2011/01/19 15:16:34 | 001,656,296 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/09 16:22:49 | 000,000,600 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Local\PUTTY.RND
[2010/12/06 22:02:50 | 000,002,384 | ---- | C] () -- C:\Windows\SysWow64\LOWERP.ini
[2010/12/06 22:02:50 | 000,001,248 | ---- | C] () -- C:\Windows\SysWow64\LPOff.ini
[2010/11/05 09:17:21 | 000,003,284 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Roaming\ANIWZCS{57D2C78B-8D83-4650-A01D-DB071F21AD05}
[2010/11/05 09:16:37 | 000,000,253 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Roaming\ANICONFIG_{57D2C78B-8D83-4650-A01D-DB071F21AD05}.ini
[2010/10/15 15:01:15 | 000,000,342 | ---- | C] () -- C:\Users\ANONYMOUS\AppData\Roaming\wklnhst.dat
[2010/10/14 23:17:59 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2010/10/14 12:18:27 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010/08/25 22:23:41 | 000,001,318 | ---- | C] () -- C:\Windows\SysWow64\msvtr.dll
[2010/08/25 22:23:35 | 000,000,075 | ---- | C] () -- C:\Windows\am3.ini
[2010/08/15 21:21:02 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/08/15 21:21:02 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010/08/13 22:04:19 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
[2010/08/10 17:09:34 | 006,814,952 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2010/08/10 17:09:34 | 000,017,772 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpowerAMP Music Converter.dat
[2010/08/06 19:25:38 | 000,000,277 | ---- | C] () -- C:\Windows\NPGUI.INI
[2010/07/12 02:59:50 | 000,000,055 | ---- | C] () -- C:\Windows\SpeedGear.INI
[2010/07/12 01:49:32 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/07/09 19:26:35 | 000,000,066 | ---- | C] () -- C:\Windows\SpeederXP.INI
[2010/07/08 21:13:43 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/02 18:49:44 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/07/01 12:09:32 | 000,452,096 | ---- | C] () -- C:\Windows\SysWow64\nmap.exe
[2010/07/01 12:09:32 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\nmapserv.exe
[2010/06/25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/01/06 19:18:26 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\fanndoubleMT.dll
[2009/10/12 23:04:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/12/17 23:30:06 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008/12/17 23:30:06 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2007/01/26 00:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2007/01/26 00:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll
[2002/10/15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2002/06/06 01:01:58 | 000,029,696 | ---- | C] () -- C:\Windows\SysWow64\asutl8.dll

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 07:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[color=#A23BEC]< %systemroot%\*.
/mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2011/05/26 15:52:40 | 000,353,792 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2011/05/26 15:52:40 | 000,223,232 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
-- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011/03/11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011/03/11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- 
C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys [color=#A23BEC]< MD5 for: PNGFILT.DLL >[/color] [2011/05/26 15:52:40 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=04A8B2F67825380BC0C7C46D56776133 -- C:\Windows\SysWOW64\pngfilt.dll [2011/05/26 15:52:40 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=04A8B2F67825380BC0C7C46D56776133 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_9.4.8112.16421_none_064611e72dafc564\pngfilt.dll [2009/07/14 02:41:53 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=0728937194E98613051F4A72C7F1D4BF -- C:\Windows\winsxs\amd64_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.7600.16385_none_6475a807a41c7313\pngfilt.dll [2011/05/26 15:52:39 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=2F31597DA72FE328E1F7FEBF8548759C -- C:\Windows\SysNative\pngfilt.dll [2011/05/26 15:52:39 | 000,065,024 | ---- | M] (Microsoft Corporation) 
MD5=2F31597DA72FE328E1F7FEBF8548759C -- C:\Windows\winsxs\amd64_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_9.4.8112.16421_none_6264ad6ae60d369a\pngfilt.dll [2009/07/14 02:16:12 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=EED5AE4EF38893DD1743A95760C98704 -- C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.7600.16385_none_08570c83ebbf01dd\pngfilt.dll [color=#A23BEC]< MD5 for: RDPCLIP.EXE >[/color] [2010/11/20 14:25:05 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=25D284EB2F12254C001AFE9A82575A81 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_5ffc161221c1b4f6\rdpclip.exe [2009/07/14 02:39:28 | 000,209,408 | ---- | M] (Microsoft Corporation) MD5=798F5E39068FD3BC9D999A401FAB5F62 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7600.16385_none_5dcb024a24d3315c\rdpclip.exe [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll 
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll [color=#A23BEC]< MD5 for: SNMPTRAP.EXE >[/color] [2009/07/14 02:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=6313F223E817CC09AA41811DAA7F541D -- C:\Windows\SysNative\snmptrap.exe [2009/07/14 02:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=6313F223E817CC09AA41811DAA7F541D -- C:\Windows\winsxs\amd64_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.1.7600.16385_none_2b7ff0845918e12f\snmptrap.exe [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2010/08/20 06:38:12 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe [2009/07/14 02:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe [2010/11/20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\SysNative\spoolsv.exe [2010/11/20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe [2010/08/21 07:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe [color=#A23BEC]< MD5 for: SPPSVC.EXE >[/color] [2009/07/14 02:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) MD5=913D843498553A1BC8F8DBAD6358E49F -- 
C:\Windows\winsxs\amd64_microsoft-windows-security-spp_31bf3856ad364e35_6.1.7600.16385_none_7656491f3aa3f98d\sppsvc.exe [2010/11/20 14:25:04 | 003,524,608 | ---- | M] (Microsoft Corporation) MD5=E17E0188BB90FAE42D83E98707EFA59C -- C:\Windows\SysNative\sppsvc.exe [2010/11/20 14:25:04 | 003,524,608 | ---- | M] (Microsoft Corporation) MD5=E17E0188BB90FAE42D83E98707EFA59C -- C:\Windows\winsxs\amd64_microsoft-windows-security-spp_31bf3856ad364e35_6.1.7601.17514_none_78875ce737927d27\sppsvc.exe [color=#A23BEC]< MD5 for: TASKENG.EXE >[/color] [2010/11/02 05:24:43 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=41C52AF44FB96BDDB1EFB25D2D943BBA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe [2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\SysWOW64\taskeng.exe [2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe [2010/11/02 06:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=60CAE1FA4888ED41B41AEE91C774E4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_419a75c3d88fecc0\taskeng.exe [2010/11/20 14:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\SysNative\taskeng.exe [2010/11/20 14:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe [2010/11/02 06:16:39 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=84343003E0E6716B3E782FF781B92815 -- 
C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc\taskeng.exe [2009/07/14 02:39:47 | 000,463,872 | ---- | M] (Microsoft Corporation) MD5=C1BDC97E8C9404245DE87F1EF08D1764 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_41a13ed5d88b73fe\taskeng.exe [2009/07/14 02:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) MD5=DE5DACEBD4C89834EC6D2C41C8643CDA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe [2010/11/02 05:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe [color=#A23BEC]< MD5 for: TASKHOST.EXE >[/color] [2009/07/14 02:39:47 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=3EEFB971D61EF9638FD21F14C703CA11 -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_84339a007406dfa0\taskhost.exe [2010/11/20 14:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\SysNative\taskhost.exe [2010/11/20 14:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys [2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- 
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys [2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys [2011/06/21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys [2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys [2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys [2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys [2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys [2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys [2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys [2011/09/29 17:17:51 | 
001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys [2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys [2011/06/21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys [2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys [2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys [2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys [2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys [color=#A23BEC]< MD5 for: UI0DETECT.EXE >[/color] [2009/07/14 02:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=3CBDEC8D06B9968ABA702EBA076364A1 -- C:\Windows\SysNative\UI0Detect.exe [2009/07/14 02:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=3CBDEC8D06B9968ABA702EBA076364A1 -- C:\Windows\winsxs\amd64_microsoft-windows-session0viewer_31bf3856ad364e35_6.1.7600.16385_none_3ddbd9a9605f0519\UI0Detect.exe [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] 
[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys [2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys [2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\drivers\usbscan.sys [2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys [2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- 
C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe [color=#A23BEC]< MD5 for: VDS.EXE >[/color] [2009/07/14 02:39:49 | 000,532,480 | ---- | M] (Microsoft Corporation) MD5=44D73E0BBC1D3C8981304BA15135C2F2 -- C:\Windows\winsxs\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.1.7600.16385_none_c6dfc447145fa2e0\vds.exe [2010/11/20 14:25:25 | 000,533,504 | ---- | M] (Microsoft Corporation) MD5=8D6B481601D01A456E75C3210F1830BE -- C:\Windows\SysNative\vds.exe [2010/11/20 14:25:25 | 000,533,504 | ---- | M] (Microsoft Corporation) MD5=8D6B481601D01A456E75C3210F1830BE -- C:\Windows\winsxs\amd64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.1.7601.17514_none_c910d80f114e267a\vds.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys [2009/07/14 02:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys [color=#A23BEC]< 
MD5 for: VSSVC.EXE >[/color] [2009/07/14 02:39:50 | 001,598,976 | ---- | M] (Microsoft Corporation) MD5=787898BF9FB6D7BD87A36E2D95C899BA -- C:\Windows\winsxs\amd64_microsoft-windows-vssservice_31bf3856ad364e35_6.1.7600.16385_none_b6c1c01e31887a6e\VSSVC.exe [2010/11/20 14:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) MD5=B60BA0BC31B0CB414593E169F6F21CC2 -- C:\Windows\SysNative\VSSVC.exe [2010/11/20 14:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) MD5=B60BA0BC31B0CB414593E169F6F21CC2 -- C:\Windows\winsxs\amd64_microsoft-windows-vssservice_31bf3856ad364e35_6.1.7601.17514_none_b8f2d3e62e76fe08\VSSVC.exe [color=#A23BEC]< MD5 for: WATADMINSVC.EXE >[/color] [2010/07/02 00:52:49 | 001,255,736 | ---- | M] (Microsoft Corporation) MD5=3CEC96DE223E49EAAE3651FCF8FAEA6C -- C:\Windows\SysNative\Wat\WatAdminSvc.exe [2010/01/28 03:32:36 | 001,255,736 | ---- | M] (Microsoft Corporation) MD5=3CEC96DE223E49EAAE3651FCF8FAEA6C -- C:\Windows\winsxs\amd64_microsoft-windows-s..ivationtechnologies_31bf3856ad364e35_7.1.7600.16395_none_89cb1e5f7a64822b\WatAdminSvc.exe [color=#A23BEC]< MD5 for: WBENGINE.EXE >[/color] [2009/07/14 02:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) MD5=5AB1BB85BD8B5089CC5D64200DEDAE68 -- C:\Windows\winsxs\amd64_microsoft-windows-blb-engine-main_31bf3856ad364e35_6.1.7600.16385_none_3fd6e79f1970ef80\wbengine.exe [2010/11/20 14:25:28 | 001,504,256 | ---- | M] (Microsoft Corporation) MD5=78F4E7F5C56CB9716238EB57DA4B6A75 -- C:\Windows\SysNative\wbengine.exe [2010/11/20 14:25:28 | 001,504,256 | ---- | M] (Microsoft Corporation) MD5=78F4E7F5C56CB9716238EB57DA4B6A75 -- C:\Windows\winsxs\amd64_microsoft-windows-blb-engine-main_31bf3856ad364e35_6.1.7601.17514_none_4207fb67165f731a\wbengine.exe [color=#A23BEC]< MD5 for: WEBCHECK.DLL >[/color] [2009/07/14 02:16:18 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=177DF28315BF4300ECB5CBEEEE961292 -- 
C:\Windows\winsxs\wow64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.7600.16385_none_e22fc62916cd51b4\webcheck.dll [2010/11/20 14:27:28 | 000,290,304 | ---- | M] (Microsoft Corporation) MD5=47B8DEBEC68FACCD026F99CAE8698C93 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.7601.17514_none_da0c2f9edf5b1353\webcheck.dll [2011/05/26 15:52:40 | 000,203,776 | ---- | M] (Microsoft Corporation) MD5=5193DE33F3284C447E0D31DAFBF92570 -- C:\Windows\SysWOW64\webcheck.dll [2011/05/26 15:52:40 | 000,203,776 | ---- | M] (Microsoft Corporation) MD5=5193DE33F3284C447E0D31DAFBF92570 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_9.4.8112.16421_none_e01ecb8c58be153b\webcheck.dll [2010/11/20 13:21:35 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=A4EE3D80E31D5A3CA8EBE6A67A06CEC0 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.7601.17514_none_e460d9f113bbd54e\webcheck.dll [2011/05/26 15:52:39 | 000,249,344 | ---- | M] (Microsoft Corporation) MD5=D7CEAEDD5F75D2C8A2E80887D7C114CE -- C:\Windows\SysNative\webcheck.dll [2011/05/26 15:52:39 | 000,249,344 | ---- | M] (Microsoft Corporation) MD5=D7CEAEDD5F75D2C8A2E80887D7C114CE -- C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_9.4.8112.16421_none_d5ca213a245d5340\webcheck.dll [2009/07/14 02:41:56 | 000,290,304 | ---- | M] (Microsoft Corporation) MD5=D7D7EB64B7DE14A783329805E5AC0031 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.7600.16385_none_d7db1bd6e26c8fb9\webcheck.dll [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- 
C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2011/05/14 23:02:05 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\Windows\SysWOW64\winlogon.exe [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe [color=#A23BEC]< MD5 for: WMIAPSRV.EXE >[/color] [2009/07/14 02:39:55 | 000,203,264 | ---- | M] (Microsoft Corporation) 
========== Alternate Data Streams ==========
@Alternate Data Stream - 191 bytes -> C:\ProgramData\Temp:07BF512B
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 14 bytes -> C:\Windows\system.ini:c1_encryption_d
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:1B4D9DFB
< End of report >
Page 2 seems to be causing a few problems.
  6. I'd like to point out that I'm a computer scientist by training, so we can skip the silly questions. Yes, I deleted the keys, changed the start pages... it comes back. Thanks again for the time you're giving me, I hope we'll find it.
  7. TDSSKiller found nothing. Here is the other one: It's the registry key that I had deleted and that had not fixed the problem.
  8. Hello. I'm back at it again; apparently the malware or adware is still present. The problem came back after disappearing for a while (occasional program?). In short, I need your help again, thanks!
  9. Hello. I'll still run TDSSKiller, but in fact I managed to fix the problem. I went into the registry, pressed F3, searched for Freakylinks and deleted the key that had been created to replace my home pages. Everything is in order now, thanks a lot for the help.
  10. Good evening. I ran a full scan again with MBAM in addition to the AdwCleaner fix. The problem persists. Thanks in advance
  11. Hello. Thanks a lot. Here is the AdwCleaner report: I already have MBAM, it did not fix the problem. Do you want the report? Regards, P.
  12. Hello. For some reason I don't know, I have a home page (freakylinks.info/643) that sets itself on my browsers at every Windows reboot. Here is a ZHPDiag report. Can anyone help me? Thanks a lot in advance. Regards, P.