and here is the OTL.txt log:
OTL logfile created on: 4/14/2014 7:09:52 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\viccherry\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 2.16 Gb Available Physical Memory | 54.54% Memory free
8.10 Gb Paging File | 6.00 Gb Available in Paging File | 74.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.20 Gb Total Space | 104.43 Gb Free Space | 47.86% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 6.58 Gb Free Space | 44.92% Space Free | Partition Type: NTFS
Computer Name: VICCHERRY-PC | User Name: viccherry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\viccherry\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
PRC - C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe (SingleClick Systems)
PRC - C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe ()
PRC - C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe ()
PRC - C:\Program Files (x86)\Common Files\Dell\apache\php.exe (The PHP Group)
PRC - C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\ProgramData\UltraVNC\winvnc.exe (UltraVNC)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\log4cplusU.dll ()
MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe ()
MOD - C:\Program Files (x86)\Common Files\Dell\apache\ioncube_loader_win_5.2.dll ()
MOD - C:\Program Files (x86)\Common Files\Dell\apache\libmysql.dll ()
MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleadrs.dll ()
MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll ()
MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll ()
MOD - C:\Program Files (x86)\Dell V310-V510 Series\DLEAcfg.dll ()
MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll ()
MOD - C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll ()
MOD - C:\Windows\SysWOW64\DLEAsmr.dll ()
MOD - C:\Windows\SysWOW64\DLEAsm.dll ()
MOD - C:\Program Files (x86)\Common Files\Dell\apache\bin\zlib1.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (dlea_device) -- C:\Windows\SysNative\dleacoms.exe ( )
SRV:64bit: - (dleaCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dleaserv.exe ()
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (yksvc) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vToolbarUpdater18.0.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe (AVG Secure Search)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (AVG Security Toolbar Service) -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (hnmsvc) -- C:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
SRV - (dsl-fs-sync) -- C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe (SingleClick Systems)
SRV - (dleaCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe ()
SRV - (dlea_device) -- C:\Windows\SysWOW64\dleacoms.exe ( )
SRV - (dsl-db) -- C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe ()
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Apache2.2) -- C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (uvnc_service) -- C:\ProgramData\UltraVNC\winvnc.exe (UltraVNC)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\DRIVERS\SWDUMon.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\DRIVERS\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\DRIVERS\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\DRIVERS\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (NETw5v64) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (Packet) -- C:\Windows\SysNative\DRIVERS\packet.sys (SingleClick Systems)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (e1express) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV - (Packet) -- C:\Windows\SysWOW64\drivers\packet.sys (SingleClick Systems)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {79EBD815-735B-4501-9798-B6FB68628A71}
IE:64bit: - HKLM\..\SearchScopes\{79EBD815-735B-4501-9798-B6FB68628A71}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {B5DE1913-E399-483E-9FCA-3DDF85011525}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...1-0023AE234BC6}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie9
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{3A706E37-3768-44F8-89D1-B96B6011B6EB}: "URL" = http://search.yahoo....&fr=chr-gl-gen1
IE - HKCU\..\SearchScopes\{5A11508C-7E5E-446B-929C-03197C40EE40}: "URL" = http://search.yahoo....f-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={5B884C15-13DB-4B51-A87E-F12B2D439BE7}&mid=58547acb9f7f4519162bd2354df15e1c-e92b75959ee62bfb6234d3af093a7ba4758ac9a1&lang=en&ds=AVG&pr=pr&d=2012-04-22 20:57:01&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AE71F40B-123D-49B7-8990-8AD85DD59C9E}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{B5DE1913-E399-483E-9FCA-3DDF85011525}: "URL" = http://search.condui...7534550287&UM=2
IE - HKCU\..\SearchScopes\{C18EA064-B948-4077-BD6A-AB94630083C1}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...006.10042&st=23
IE - HKCU\..\SearchScopes\{F8DEEF26-329F-4DCB-B7D9-27759FB661FB}: "URL" = http://websearch.ask...CE-900758F3A54C
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?fr=fp-yie9"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\viccherry\AppData\Roaming\Move Networks\plugins\npqmp071502000008.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\viccherry\AppData\Roaming\Move Networks [2014/03/29 10:49:31 | 000,000,000 | ---D | M]
[2014/04/09 20:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viccherry\AppData\Roaming\Mozilla\Extensions
[2014/04/11 18:23:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viccherry\AppData\Roaming\Mozilla\Firefox\Profiles\n5jkhikp.default\extensions
[2014/04/07 21:35:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/07 21:35:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Docs = C:\Users\viccherry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\viccherry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\viccherry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\viccherry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\viccherry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\viccherry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
O2 - BHO: (Dell Toolbar) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
O2 - BHO: (Unit) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - Reg Error: Value error. File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Dell Toolbar) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [dleamon.exe] C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\RunOnce: [Uninstall C:\Users\viccherry\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\viccherry\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\viccherry\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\viccherry\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.186.80.251 216.144.187.101 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{002E2311-6495-440E-A2F9-05B194EBE752}: DhcpNameServer = 204.186.80.251 216.144.187.101 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F45EBB82-E1FA-408C-9131-9C41D02B34E6}: DhcpNameServer = 192.168.2.113 4.2.2.2
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Value error. File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Value error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\viccherry\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\viccherry\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{bc0f12f5-a300-11e2-8e76-0023ae234bc6}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2014/04/13 20:53:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\viccherry\Desktop\OTL.exe
[2014/04/12 19:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2014/04/11 19:16:22 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Roaming\iolo
[2014/04/11 18:49:30 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Roaming\GlarySoft
[2014/04/11 18:35:03 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Glarysoft
[2014/04/11 18:34:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glarysoft
[2014/04/09 21:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/04/09 21:07:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/04/09 20:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2014/04/09 20:40:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iolo
[2014/04/09 20:10:14 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\Mozilla
[2014/04/09 20:10:11 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Roaming\Mozilla
[2014/04/09 19:33:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/04/09 19:33:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/04/09 19:33:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/09 19:33:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/09 19:33:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/04/09 19:33:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/04/09 19:33:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/04/09 19:33:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/04/09 19:33:10 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/04/09 19:33:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/04/09 19:33:10 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/09 19:33:09 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/09 19:33:09 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/04/09 19:33:09 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/04/09 19:33:09 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/09 19:13:24 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/09 18:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014/04/09 18:44:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/04/07 21:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/04/07 21:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/04/07 21:35:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/04/07 20:12:02 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{38B8547E-9B0A-47BA-95CA-CA6A46906379}
[2014/04/07 19:53:15 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/07 19:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/07 19:53:03 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/07 19:53:03 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/07 19:53:03 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/07 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/07 19:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/07 18:33:48 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{C35BC776-AD27-4FA7-9EAA-7EF225D9C473}
[2014/04/02 18:15:44 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{8266DBFC-84E6-42F6-993D-9316823ADAEF}
[2014/04/01 20:40:11 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/04/01 15:05:58 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{FFEC9C09-2504-44E5-A900-551BE987D180}
[2014/03/31 21:04:56 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{B937B2F6-BEC8-4CE3-ABB0-FDDA9A252A31}
[2014/03/30 16:56:43 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{4413BCE3-9B76-41E6-9367-CF0070183368}
[2014/03/30 11:25:03 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{75D1D2C9-5EF2-4EA1-A639-F1E9E3CB284C}
[2014/03/30 09:43:22 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{46937EE7-8938-43D9-8BEE-10C8061C10CF}
[2014/03/30 08:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/30 08:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/03/30 08:46:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/03/29 16:55:54 | 001,111,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/29 16:55:52 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/29 16:29:41 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/29 16:29:41 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/29 12:08:37 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{CBEEC01E-86CD-45D6-93B6-FFA3F97DA19E}
[2014/03/29 06:20:33 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{5F6F5A9B-C0CC-4405-83C2-40F51FD25BA2}
[2014/03/28 18:48:34 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{67ACA017-089F-45FF-9C62-919B907287FC}
[2014/03/24 22:36:14 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{3F3E0AD0-84F0-4CDA-AB62-0B1D0CA2D6A4}
[2014/03/20 14:50:52 | 000,240,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/03/17 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\viccherry\AppData\Local\{A19E3834-7C3A-4042-BD21-F967AFA1612E}
[2009/08/13 05:30:52 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\viccherry\AppData\Roaming\DataSafeDotNet.exe
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/14 10:59:32 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/14 10:59:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/14 10:28:47 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/14 09:46:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/14 06:58:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/14 06:58:38 | 4255,502,336 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/13 20:44:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\viccherry\Desktop\OTL.exe
[2014/04/12 15:05:10 | 001,402,880 | ---- | M] () -- C:\Users\viccherry\Documents\HijackThis.msi
[2014/04/11 18:35:53 | 000,001,061 | ---- | M] () -- C:\Users\viccherry\Desktop\Registry Repair.lnk
[2014/04/09 21:59:51 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/09 20:41:05 | 000,001,012 | ---- | M] () -- C:\Users\viccherry\Desktop\System Checkup.lnk
[2014/04/09 20:40:18 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dat
[2014/04/09 18:51:57 | 000,003,759 | ---- | M] () -- C:\Windows\SysWow64\userawacs.cfg
[2014/04/09 18:51:37 | 000,000,290 | ---- | M] () -- C:\Windows\SysWow64\usergui.cfg
[2014/04/09 18:50:42 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2014/04/09 18:41:33 | 000,015,672 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2014/04/07 21:45:14 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/07 19:53:06 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/07 19:07:20 | 000,656,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/07 19:07:20 | 000,124,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/07 19:07:14 | 000,777,776 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/03 09:51:12 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/30 16:28:30 | 000,000,732 | ---- | M] () -- C:\Users\viccherry\AppData\Local\d3d9caps64.dat
[2014/03/30 10:53:32 | 000,006,756 | ---- | M] () -- C:\Users\viccherry\AppData\Local\d3d9caps.dat
[2014/03/30 10:53:24 | 000,002,317 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2014/03/30 09:37:16 | 000,283,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/30 08:48:15 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/29 12:49:55 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/03/29 12:49:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/20 14:50:52 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/13 17:41:01 | 4255,502,336 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/13 14:40:36 | 001,402,880 | ---- | C] () -- C:\Users\viccherry\Documents\HijackThis.msi
[2014/04/11 18:35:53 | 000,001,061 | ---- | C] () -- C:\Users\viccherry\Desktop\Registry Repair.lnk
[2014/04/09 21:59:51 | 000,000,772 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/09 20:41:05 | 000,001,012 | ---- | C] () -- C:\Users\viccherry\Desktop\System Checkup.lnk
[2014/04/09 20:40:18 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2014/04/07 21:45:14 | 000,000,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/04/07 21:45:14 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/07 19:53:06 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/30 08:48:15 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/29 17:47:31 | 000,000,732 | ---- | C] () -- C:\Users\viccherry\AppData\Local\d3d9caps64.dat
[2014/02/25 04:07:13 | 000,771,580 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/06/14 19:16:06 | 000,002,802 | ---- | C] () -- C:\Users\viccherry\AppData\Roaming\wklnhst.dat
[2009/05/13 21:37:59 | 000,008,248 | ---- | C] () -- C:\Users\viccherry\AppData\Local\en.ini
[2009/04/26 20:00:20 | 000,005,632 | ---- | C] () -- C:\Users\viccherry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/26 19:34:05 | 000,006,756 | ---- | C] () -- C:\Users\viccherry\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/03/03 21:23:58 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\AVG
[2013/01/21 22:39:25 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\AVG2013
[2011/05/05 19:45:50 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\AVG9
[2013/07/22 17:51:15 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/04/11 18:49:30 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\GlarySoft
[2014/04/11 19:16:22 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\iolo
[2014/03/29 10:49:31 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\MediaMonkey
[2014/03/29 10:49:31 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\pdf995
[2013/09/13 15:16:22 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\SanDisk SecureAccess
[2011/10/02 16:44:06 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\Sling Media
[2013/03/24 19:14:44 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\TaxCut
[2009/06/14 19:16:08 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\Template
[2012/05/26 19:47:45 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\TuneUp Software
[2010/04/20 14:16:36 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\V310-V510 Series
[2009/04/13 16:09:32 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\WildTangent
[2009/10/23 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\viccherry\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EXE >
[2009/03/15 00:48:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2009/03/15 00:48:01 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2009/03/15 00:48:02 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2009/03/15 00:48:01 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2009/03/15 00:48:01 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2009/03/15 00:48:01 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2009/03/15 00:48:01 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2009/03/15 00:48:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 22:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 22:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2006/11/02 11:13:38 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2006/11/02 11:13:38 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_6a2f0af76374ed51\explorer.exe.mui
[2006/11/02 11:13:32 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=872D519975CA4D7CC596FC93470D49E0 -- C:\Windows\en-US\explorer.exe.mui
[2006/11/02 11:13:32 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=872D519975CA4D7CC596FC93470D49E0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_5fda60a52f142b56\explorer.exe.mui
< MD5 for: EXPLORER.EXE-D5E97654.PF >
[2014/04/14 07:12:31 | 000,124,842 | ---- | M] () MD5=49A618B6ABB44A5405EB1EFD055C4B03 -- C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf
< MD5 for: IEXPLORE.EXE >
[2012/06/02 07:47:54 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=004640AB259C1572EBD5FB0A32F63686 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_b5336068bd3ba567\iexplore.exe
[2013/01/08 21:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_b49ff3fba4253ae5\iexplore.exe
[2012/05/17 19:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_bf0c3eb9d873f7ac\iexplore.exe
[2013/10/13 06:49:16 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=06085B62BC7E0C8E2605CEA38774D956 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16520_none_bf1bdebbd86924e7\iexplore.exe
[2009/03/15 00:40:57 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=07ED775D6DB4BFA96D7CFB09EB228418 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_9399882309d61be8\iexplore.exe
[2009/01/15 00:14:36 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=0844F5B9CB3BB85A917D347EF1565B6C -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_93f80d9f098e0166\iexplore.exe
[2012/10/03 22:07:39 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=0B09588808D3865287BE65CF62D792B2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_b5279032bd44a801\iexplore.exe
[2012/11/13 22:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_bf026f17d87b2cf4\iexplore.exe
[2013/07/31 06:18:24 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=10C1F2EC48D524AE10229AACD37B172A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20617_none_bfb74d78f1785a21\iexplore.exe
[2014/02/23 02:00:18 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=10EB5C0E376727E21198B14E2F1637F7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16540_none_bf063ee3d8795cc9\iexplore.exe
[2013/07/24 22:48:45 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=139C8953AC56A9E559C7DEF07BC45ED7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20613_none_bfb34c50f17bf4c5\iexplore.exe
[2013/11/14 22:14:05 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=140325733F0DFB82A6A600CE301478EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16526_none_b4cd3625a402faf6\iexplore.exe
[2013/05/17 00:10:41 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=1423FF1BFD2ECD9CFC8C17EA4F98B20F -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16490_none_b47b830fa441295c\iexplore.exe
[2009/03/15 00:34:04 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=157F8DE991396C536820D7FA5C8DCF7D -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16711_none_93e5397d099d5578\iexplore.exe
[2009/03/15 00:42:56 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=182CAF7403705ACCB51211A761080B8F -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_9433f69622e637cb\iexplore.exe
[2009/03/15 00:23:03 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=19403B64906C9EAC627E3C10847B0FDA -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_93bffb8909b85d46\iexplore.exe
[2012/06/27 22:23:58 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=1A8A5634E778B0466BE0932B460ACCB3 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_b53460b2bd3abebe\iexplore.exe
[2009/03/15 00:40:57 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=1ACD856D345FA54F89335C793B2B0874 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_8a115c9dee6081e6\iexplore.exe
[2009/11/21 11:04:19 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=1B5572B8B9CD678E814F57B245400F64 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_6ec34e240169f05e\iexplore.exe
[2009/11/21 02:42:38 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=1B6362BB14FCEB9E76BCF9A953B04788 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_78828b751cb61529\iexplore.exe
[2009/03/03 00:18:52 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=1DD66A2851DACDEC32EAE8F9A8865ABD -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_9465e0f822c1744a\iexplore.exe
[2009/04/24 12:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=1F44940EF1D07D0BDAF80E55853DFBD0 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_93b9fbb309bdc263\iexplore.exe
[2009/03/15 00:12:29 | 000,709,800 | ---- | M] (Microsoft Corporation) MD5=20B5615A7F3EB138651CE1B60C625D76 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_895d806cd5626b37\iexplore.exe
[2012/08/24 03:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_befb6d11d8817b93\iexplore.exe
[2013/02/22 03:04:50 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=25B53709A37C3FD814B68EA0A92D18F9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16476_none_b49724a3a42b8984\iexplore.exe
[2010/02/23 11:06:13 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=25DB705A7DC85C208B3CF2D20F118AA7 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_78ebb87c35ec08c6\iexplore.exe
[2012/05/17 18:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_bf860a26f19e34b4\iexplore.exe
[2013/10/13 12:04:00 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=27DC2B3A141BE4566A0B45A5E5F4668A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16520_none_b4c73469a40862ec\iexplore.exe
[2012/06/28 00:16:03 | 000,754,784 | ---- | M] (Microsoft Corporation) MD5=2BF1D4CA1D2DFDCA52421730CA46E851 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_b4b994fba411685f\iexplore.exe
[2009/04/11 02:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_97c0beeb03de7f46\iexplore.exe
[2012/08/24 07:23:44 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=2D53C5F71653EF94E7829846405D4ED2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_b4a6c2bfa420b998\iexplore.exe
[2013/10/13 05:43:05 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=2D64E29ADB5DEB40446796A9C42417E3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20631_none_bf9babe4f18df9f9\iexplore.exe
[2009/08/27 01:23:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=2E48756F12C21F46895036AC089AAD97 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_78b0cc031c92f16a\iexplore.exe
[2009/03/15 00:42:56 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=2EEE7F65B04F759FE7D238AD6EAB90B7 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_89df4c43ee8575d0\iexplore.exe
[2009/03/15 00:42:56 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=31705413C889C5503F564C642D83C282 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_89721e14d5531cd7\iexplore.exe
[2013/02/22 00:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16476_none_beebcef5d88c4b7f\iexplore.exe
[2012/06/27 21:08:59 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=32F1A71CC1943BD537DA1516E0CB6AF3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_bf0e3f4dd8722a5a\iexplore.exe
[2014/02/23 02:26:53 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=32FC0953B384A11B4AB422E56E2BDBCD -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20651_none_bf860c0cf19e31db\iexplore.exe
[2009/04/24 12:07:30 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=3319AE709DEAA8539AB3B4110C3C675D -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_8c07706deb7a6fe7\iexplore.exe
[2013/05/28 23:32:47 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=33E62E4EFC2ACA8EC63A8926F26D3889 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20606_none_bfc11d1af17124d9\iexplore.exe
[2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_bf0d3f03d8731103\iexplore.exe
[2012/10/03 23:12:11 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=367045AF10C4875707E0864E352EF3F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_b4abc431a41c384b\iexplore.exe
[2010/11/02 02:29:04 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=37302FCB9B7D54B0DBB43624E7A21B3C -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_6e11746ce86a0984\iexplore.exe
[2014/02/23 03:18:06 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=390914F89AFA344319B9CF59306FF9A9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16540_none_b4b19491a4189ace\iexplore.exe
[2010/01/02 10:58:26 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=3D8DA00B028DEA9517066F1CECBFC4A2 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_78ff57c035dd9e36\iexplore.exe
[2014/02/05 06:25:49 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=3E5F9E8087909F24D8DDF1F33CFF14A0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16533_none_b4bf655ba40dcae2\iexplore.exe
[2013/04/04 18:47:49 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16483_none_beddfe2bd8971b6b\iexplore.exe
[2013/02/22 00:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20586_none_bf6a9bd4f1b2073a\iexplore.exe
[2014/03/07 18:55:11 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=41F24930153D42287D157B93A859E6F3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20656_none_bf8b0d7ef199b08e\iexplore.exe
[2013/11/14 19:18:24 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=43E6F2A7FB182F2D7CB0CE5B8F1005CF -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16526_none_bf21e077d863bcf1\iexplore.exe
[2013/09/22 06:59:54 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=45BDA923BE52906D1460BCB13AC2AB7A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16514_none_bf2aafcfd85d6e52\iexplore.exe
[2014/02/05 05:08:15 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=48600DAC5AF3A53B6F430528209E4830 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16533_none_bf140fadd86e8cdd\iexplore.exe
[2010/05/04 02:32:18 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=48A6109E8DF0365195298CC527B7426A -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_7946112635a7c1dc\iexplore.exe
[2010/09/08 02:26:34 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=4A719476A6393B1DCACFEB4F3AC6599C -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_790e00f635d21ae3\iexplore.exe
[2009/07/22 02:04:09 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=4B5AEA50CE77FBA4C2D169622DC9B489 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_794b073435a4da9f\iexplore.exe
[2012/06/27 19:36:32 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=4B649ED3CDC17707898E4948AAB72528 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_bf890b04f19b80b9\iexplore.exe
[2009/03/15 00:12:28 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=4CBA2F58668F2D5F3259CBE73E227F25 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_945f3a1222c5c255\iexplore.exe
[2009/03/15 00:34:04 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=4DBD95312B1C96C5285D38F1D748CD4D -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20868_none_943fc8b222dd3258\iexplore.exe
[2012/05/17 22:51:05 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=4E99F42504A99D5024C2EFA015001937 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_b4b79467a41335b1\iexplore.exe
[2009/03/03 00:58:49 | 000,712,888 | ---- | M] (Microsoft Corporation) MD5=4F49A46AB978ED80D536E25FC87AF3F5 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18226_none_8b71013cd266bc39\iexplore.exe
[2009/08/27 01:52:49 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=51BDD4A648CD937BC7111D09930114C3 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_6e5c21b0e8322f6f\iexplore.exe
[2013/07/25 00:00:18 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=536B5973A34DDAA6E16AC8248B726BD0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20613_none_b55ea1febd1b32ca\iexplore.exe
[2009/03/03 00:41:00 | 000,712,888 | ---- | M] (Microsoft Corporation) MD5=57731E60EA98B8C279DCB5BBB82B68B7 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_8979f0eed54daf2f\iexplore.exe
[2013/07/24 22:42:37 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=57EC630DBD5F0713E77CB3540AB80A8E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16502_none_bf337f27d8571fb3\iexplore.exe
[2009/04/11 03:11:08 | 000,712,864 | ---- | M] (Microsoft Corporation) MD5=58136AB5A3DF2D44BBB483629188584A -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_8d6c1498cf7dbd4b\iexplore.exe
[2012/08/24 06:49:07 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=5A150AFABB25BEA50CEDC8650A7B8A9E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_b5376190bd380ac3\iexplore.exe
[2010/11/02 02:03:13 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=5AB037B17F8A87D052F5A88E0D29A3C8 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_78661ebf1ccacb7f\iexplore.exe
[2008/01/20 22:48:06 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=5B92133D3E7FB2644677686305E29E81 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_95d545df06bcb3fa\iexplore.exe
[2010/05/04 02:00:35 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=5C9B1062EA7A44E8F6BFDE994B68C7AA -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_78b0cde91c92ee91\iexplore.exe
[2012/06/02 08:52:21 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=610F6596921C4BAA8834ADBB9BE272EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_b4b894b1a4124f08\iexplore.exe
[2012/08/24 03:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_bf8c0be2f198ccbe\iexplore.exe
[2014/03/08 01:00:02 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=62D1CE9232CE753D9627402C9B95E3D5 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/03/08 01:00:02 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=62D1CE9232CE753D9627402C9B95E3D5 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16545_none_b4b69603a4141981\iexplore.exe
[2009/03/15 00:23:02 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=6655B851D9EEF7C83395EE52D551B448 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_946a09fe22bda664\iexplore.exe
[2013/05/16 19:34:33 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=67EE46FD4D3B56531C5DD1BDC149275A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16490_none_bed02d61d8a1eb57\iexplore.exe
[2014/02/23 03:43:36 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=698102FF40FC7A63DA1245BB8DE0FF53 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20651_none_b53161babd3d6fe0\iexplore.exe
[2013/01/08 18:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_bef49e4dd885fce0\iexplore.exe
[2009/03/15 00:40:57 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=699D1D2EAF5C80E7361809B0ED8AE773 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_8944ddd0d57559ed\iexplore.exe
[2009/04/24 12:27:28 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=6B9F780596A6FA37909A1E17B13DB8F3 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_89fe97abee6e3636\iexplore.exe
[2010/05/04 02:57:44 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=6E4A7132FE953AFFAE00B15835404564 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_6e5c2396e8322c96\iexplore.exe
[2013/09/22 11:05:44 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=6FE8A2A2E24D8BED324BA2EBE356488E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20625_none_b555d2a6bd218169\iexplore.exe
[2014/03/07 20:04:01 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=7116680C2C62709EE81BDDC69EF26B93 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/03/07 20:04:01 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=7116680C2C62709EE81BDDC69EF26B93 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16545_none_bf0b4055d874db7c\iexplore.exe
[2009/01/15 00:59:48 | 000,709,800 | ---- | M] (Microsoft Corporation) MD5=724BC813643C688280F353EC23128A66 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_89c8afedee968ea9\iexplore.exe
[2010/06/26 02:06:48 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=7420BE0E7D3D1320054F7ACA0594953D -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_78962c9f1ca7a7c0\iexplore.exe
[2010/12/18 03:19:44 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=7852371DA9EFBC17B645558E23780EAC -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_793e10bc35aef44b\iexplore.exe
[2009/03/08 17:09:11 | 000,661,344 | ---- | M] (Microsoft Corporation) MD5=7A81E0CECAE7B98459A073981F0124D5 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_6e6bbde6e827625c\iexplore.exe
[2013/02/02 04:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20580_none_b50fefc6bd56ad35\iexplore.exe
[2009/08/27 09:31:08 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=7DD482E4A2E3CBB0A72F718C342F5B75 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_794538ba35a87543\iexplore.exe
[2012/10/03 18:53:29 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=7FC9E840B32E9DFBFBBA92BA5E9B97C2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_bf7c3a84f1a569fc\iexplore.exe
[2010/02/23 03:03:07 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=81AF4A1549710310E56B43C4D3F3657C -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_6e6dc246e8258f58\iexplore.exe
[2010/09/08 02:49:26 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=827BE3F3C80787B00F19E36B19531197 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_6e23131ce85d6c46\iexplore.exe
[2009/04/24 12:32:29 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=8679C8CD9690758AF0984290A1843E72 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_89655160d55d0068\iexplore.exe
[2009/03/15 00:34:04 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=88BC0B30EE1C0344119778A6E8F2509F -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16711_none_89908f2ad53c937d\iexplore.exe
[2010/01/02 02:40:20 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=88BD42DAE7CFFEB256CA7145A15E4843 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_7869eabf1cc90106\iexplore.exe
[2012/11/14 01:19:40 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=8ACFFA754B6ED028B8689CAD00FC2BCB -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_b52a9110bd41f406\iexplore.exe
[2009/11/21 02:53:25 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=8ADB04E86E8A38307D0663CD002BFFD1 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_6e2de122e855532e\iexplore.exe
[2009/03/03 00:32:44 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=8BA2B7A05F88BE0D45237A0994AD8366 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22389_none_961169b0201311a9\iexplore.exe
[2009/03/15 00:23:03 | 000,709,408 | ---- | M] (Microsoft Corporation) MD5=8BC05A19FA4C19025D564A2201709F70 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_8a155fabee5ce469\iexplore.exe
[2010/12/18 02:56:48 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=8F69AE4F1AC2E1D2C34348D519007A2C -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_6e67cbeee8295d3e\iexplore.exe
[2011/04/01 17:10:50 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_bf1cdd1fd8684117\iexplore.exe
[2010/11/02 03:13:47 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=92A17B0A89D14815AACC62CD190B6CE3 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_78e78f7635efd6ac\iexplore.exe
[2014/03/07 22:07:19 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=9399B893A565637F9C21D069571FED6B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20656_none_b536632cbd38ee93\iexplore.exe
[2009/03/15 00:42:56 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=9437CA21CD48C9B6BFD6F5AC0143D251 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_93c6c86709b3ded2\iexplore.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2012/10/03 19:08:28 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=96A360002311ECE53952AF2F5B4CD64E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_bf006e83d87cfa46\iexplore.exe
[2010/05/04 02:59:11 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=9D0512508DBDD31DA29BC05941417101 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_6ef166d40146ffe1\iexplore.exe
[2009/03/03 00:40:22 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=9E6C1527D9A2C64BFD780AA23075380F -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18226_none_95c5ab8f06c77e34\iexplore.exe
[2009/03/15 00:40:57 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=9F1427F203CA078005C9943800929640 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_946606f022c143e1\iexplore.exe
[2010/02/23 02:39:16 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=9F52FBE99C749E3F32C75124F09F1B03 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_78c26c991c865153\iexplore.exe
[2013/05/16 21:46:47 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=A1397D2A4924C390E55D146FB45FDF7C -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20600_none_b566710cbd15cad4\iexplore.exe
[2013/04/04 21:55:57 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=A1B0DEC3BB845C6369F97BC1A3542A07 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16483_none_b48953d9a4365970\iexplore.exe
[2013/02/02 00:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20580_none_bf649a18f1b76f30\iexplore.exe
[2013/11/14 22:07:29 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=A4CC57C4374AF6D8B8C532199A3D9B6C -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20637_none_b54d034ebd27d008\iexplore.exe
[2013/07/31 10:22:10 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=A818D637533302BA58C685F332388FC0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16506_none_b4e2d5fda3f2c314\iexplore.exe
[2013/05/16 18:27:11 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=A8732CEDB2C0EE7AFC08F867A47BB3EC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20600_none_bfbb1b5ef1768ccf\iexplore.exe
[2013/02/02 03:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16470_none_b49122e7a430f17a\iexplore.exe
[2009/03/03 00:36:03 | 000,712,888 | ---- | M] (Microsoft Corporation) MD5=AA8005889396DF530BCDF0E2AA0E7A04 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_8a1136a5ee60b24f\iexplore.exe
[2013/07/31 06:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=AA9CBDCD4675A48755DDA3A73BE3E283 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16506_none_bf37804fd853850f\iexplore.exe
[2008/01/20 22:50:37 | 000,701,952 | ---- | M] (Microsoft Corporation) MD5=AC2C3BAFD177B60C3B5E4DDBCC2C2DB3 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_8b809b8cd25bf1ff\iexplore.exe
[2013/05/29 02:24:18 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=AFF2C99AD2C599108B6BD9E77C24B463 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16496_none_b48184cba43bc166\iexplore.exe
[2013/02/22 03:17:45 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=B21A57AA4CB928059A0C0C58A9E77A02 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20586_none_b515f182bd51453f\iexplore.exe
[2009/03/08 17:09:24 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_78c068391c882457\iexplore.exe
[2010/01/02 11:15:56 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=B7ECFA3A546360E2A39ADBE1D773F3DC -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_6eaaad6e017cdc3b\iexplore.exe
[2013/10/13 08:41:01 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=B7FF42AE9760F3F0CC8EF2056A7BC372 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20631_none_b5470192bd2d37fe\iexplore.exe
[2010/12/18 02:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=B988D7F127B94BD5BF8356FE81B985C4 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_78bc76411c8a1f39\iexplore.exe
[2012/06/02 04:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_bf880abaf19c6762\iexplore.exe
[2013/04/04 17:55:02 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=C036AB1ED8BAC04FE4A349BA263077BB -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20593_none_bf5ccb0af1bcd726\iexplore.exe
[2009/03/15 00:12:28 | 000,709,800 | ---- | M] (Microsoft Corporation) MD5=C06D959943F4E6CEC8FF0484B1440F84 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_8a0a8fbfee65005a\iexplore.exe
[2014/02/05 06:01:30 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=C24DA744AD59EF3A87380F0A75D2E580 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20644_none_bf93dcd6f19361ef\iexplore.exe
[2009/07/21 17:53:43 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=C33BD196A0301F9B23D9A003D30ED8B0 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_78b69a7d1c8f56c6\iexplore.exe
[2009/07/21 18:12:12 | 000,660,744 | ---- | M] (Microsoft Corporation) MD5=C45FA4DA458E0B3C9636B09488029BDD -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_6e61f02ae82e94cb\iexplore.exe
[2013/04/04 20:40:37 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=C4A4F4AD91677DA1659A9ADE63746B8B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20593_none_b50820b8bd5c152b\iexplore.exe
[2010/01/02 03:09:58 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=C9256212D298D96FE0F63D69ECD9CE97 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_6e15406ce8683f0b\iexplore.exe
[2013/05/29 01:56:53 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=C9C29508A433DAF0118D28C4F38CDDFC -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20606_none_b56c72c8bd1062de\iexplore.exe
[2009/08/27 10:04:11 | 000,660,744 | ---- | M] (Microsoft Corporation) MD5=CBDEB65EDCC5E574F43F1EF79E54C8A1 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_6ef08e680147b348\iexplore.exe
[2010/02/23 12:03:02 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=D1978C9901DAA9A1C2EE78A707B1449A -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_6e970e2a018b46cb\iexplore.exe
[2009/04/24 12:03:18 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D5271AC4A06AD9D1E2EA0151B79B2657 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_945341fe22cef831\iexplore.exe
[2010/09/08 02:02:42 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=D5A730DFDEAE005373E62BC2A866E3BB -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_7877bd6f1cbe2e41\iexplore.exe
[2009/03/15 00:34:04 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=D5A7B74CA0826CF5BCE4AE0152231A9B -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20868_none_89eb1e5fee7c705d\iexplore.exe
[2009/04/24 12:01:36 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D6157423C117F24D24695866A1D0A93F -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_965c1ac01fdb31e2\iexplore.exe
[2009/01/15 00:50:38 | 000,709,800 | ---- | M] (Microsoft Corporation) MD5=D6F4816C6B7BE9A125E138B903C2B0EF -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_89a3634cd52d3f6b\iexplore.exe
[2009/03/03 01:02:08 | 000,712,872 | ---- | M] (Microsoft Corporation) MD5=D7379B3EF7C87578F8966FF5C7B46E9D -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22389_none_8bbcbf5debb24fae\iexplore.exe
[2009/03/15 00:12:28 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=D762642A109433EEDCD332B0A9511137 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_93b22abf09c32d32\iexplore.exe
[2010/09/08 03:28:01 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=D93AB1673986658EF1931FA751BCCF69 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_6eb956a4017158e8\iexplore.exe
[2013/02/02 00:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16470_none_bee5cd39d891b375\iexplore.exe
[2013/07/31 09:01:01 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=E1D016741AA03A959586A7818595BF46 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20617_none_b562a326bd179826\iexplore.exe
[2009/11/21 11:05:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=E7F8DF50E483D165BB01F367D3519AA7 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_7917f87635cab259\iexplore.exe
[2010/06/26 02:31:23 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=E9D8A71AFDCA528A184C1498E22A8241 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_6e41824ce846e5c5\iexplore.exe
[2009/03/03 00:22:10 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=EA4BE33726155F89D89A3FE7142878E0 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_93ce9b4109ae712a\iexplore.exe
[2013/05/28 22:24:32 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=EE12BA876C4190532A4085994BA9B616 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16496_none_bed62f1dd89c8361\iexplore.exe
[2013/01/08 20:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_b51dc090bd4bdd49\iexplore.exe
[2013/01/08 17:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_bf726ae2f1ac9f44\iexplore.exe
[2010/06/26 02:52:42 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=F05B3A2C6CB319DD1377AD566CF5ECE5 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_791c9ec835c831a0\iexplore.exe
[2009/01/15 00:18:47 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=F0B1CA517977BA2FF6DA33F1B966C488 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_941d5a4022f750a4\iexplore.exe
[2011/04/01 17:10:32 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_b4c832cda4077f1c\iexplore.exe
[2009/04/24 12:08:04 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=F294D8EEB05C835EC44A12CE0A1DFE7A -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_95b20c4b06d5e8c4\iexplore.exe
[2010/11/02 03:42:15 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=F686191623AC22EE2521C2D17157B199 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_6e92e524018f14b1\iexplore.exe
[2012/11/13 22:19:28 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F691418EE9A6344AEB5C1B0518FBF8AE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_bf7f3b62f1a2b601\iexplore.exe
[2013/09/22 08:14:29 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=F87E95A127E83277B9AE500D7A18C998 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20625_none_bfaa7cf8f1824364\iexplore.exe
[2010/06/28 14:17:01 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=F896A6A9965B9C64061BE97F6D84B075 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_6ec7f47601676fa5\iexplore.exe
[2012/05/17 21:37:57 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=F8B2D47ED17C1D087D14EC747E5AC57A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_b5315fd4bd3d72b9\iexplore.exe
[2013/09/22 11:48:47 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=F980F2E95E0434C8E0559B6504FE1D10 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16514_none_b4d6057da3fcac57\iexplore.exe
[2013/11/14 19:20:23 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=FA58195587EC371699D9641C3E275856 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20637_none_bfa1ada0f1889203\iexplore.exe
[2013/07/24 23:58:46 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=FA5B33E7BB143BCE846C303B528E8D62 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16502_none_b4ded4d5a3f65db8\iexplore.exe
[2010/12/18 03:54:56 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=FC6DC0E786A4D2E7DA6E9C012ED2E64F -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_6ee9666a014e3250\iexplore.exe
[2012/11/14 03:11:18 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_b4adc4c5a41a6af9\iexplore.exe
[2009/04/24 12:23:20 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=FD4E1EF226A34D093AAD475B94C5E36E -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_8b5d61f8d27526c9\iexplore.exe
[2009/07/22 02:30:13 | 000,660,744 | ---- | M] (Microsoft Corporation) MD5=FDCF656D4B4E116D9C932AD2868FD811 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_6ef65ce2014418a4\iexplore.exe
[2014/02/05 07:09:08 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=FE56790B5C1930FD93F58DE3E87B0E63 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20644_none_b53f3284bd329ff4\iexplore.exe
[2009/03/15 00:23:03 | 000,709,408 | ---- | M] (Microsoft Corporation) MD5=FF441810C3CA6DC897CB322F60A6902F -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_896b5136d5579b4b\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 18:15:57 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=11E9431B29BD64A1FB13369BB8AD4116 -- C:\Windows\winsxs\amd64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_8.0.6001.18702_en-us_7c9630f422ee47f7\iexplore.exe.mui
[2011/04/01 17:10:36 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2011/04/01 17:10:36 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.1.8112.16421_en-us_ae74c844dbb4c003\iexplore.exe.mui
[2006/11/02 11:13:34 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Windows\winsxs\wow64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a1c8f6f0449888c1\iexplore.exe.mui
[2011/04/01 17:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2011/04/01 17:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.1.8112.16421_en-us_b8c97297101581fe\iexplore.exe.mui
[2009/03/08 17:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Windows\winsxs\wow64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_8.0.6001.18702_en-us_86eadb46574f09f2\iexplore.exe.mui
[2006/11/02 11:13:29 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=D421BD7B9646679254B0D855823C6F21 -- C:\Windows\winsxs\amd64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_97744c9e1037c6c6\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-A033F7A0.PF >
[2014/04/13 10:08:50 | 000,019,074 | ---- | M] () MD5=01622556C7D56ACB8BDD27677B28B394 -- C:\Windows\Prefetch\IEXPLORE.EXE-A033F7A0.pf
< MD5 for: SERVICES >
[2006/09/18 17:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\services
< MD5 for: SERVICES.CFG >
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/12/21 02:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.EXE >
[2008/01/20 22:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 03:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009/04/11 03:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SysWOW64\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008/01/20 22:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 11:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\SysWOW64\en-US\services.exe.mui
[2006/11/02 11:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
[2006/11/02 11:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\SysNative\en-US\services.exe.mui
[2006/11/02 11:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c3e5209ee1678e23\services.exe.mui
< MD5 for: SERVICES.EXE-7FDA2469.PF >
[2014/03/29 06:02:56 | 000,052,098 | ---- | M] () MD5=281CEADEEC157523161606A0A0A7BC93 -- C:\Windows\Prefetch\SERVICES.EXE-7FDA2469.pf
< MD5 for: SERVICES.LNK >
[2008/01/20 23:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 23:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysWOW64\wbem\services.mof
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.mof
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
< MD5 for: SERVICES.MSC >
[2006/11/02 11:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2006/09/18 17:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2006/11/02 11:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2006/11/02 11:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fe26f08ab7d12816\services.msc
[2006/09/18 17:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_2b827e27fe185619\services.msc
[2006/11/02 11:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
< MD5 for: WINLOGON.EXE >
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 22:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2008/01/20 22:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2008/01/20 22:52:39 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=1DB95B0920FA9783476AC46F187C06F6 -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2008/01/20 22:52:39 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=1DB95B0920FA9783476AC46F187C06F6 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_27172d0ebc73e370\winlogon.exe.mui
[2008/01/20 22:52:28 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\SysWOW64\en-US\winlogon.exe.mui
[2008/01/20 22:52:28 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_caf8918b0416723a\winlogon.exe.mui
[2006/11/02 11:13:52 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=2D30AB05DBA78517B34C0AAC71DF5299 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_24e06b12bf88d29c\winlogon.exe.mui
[2006/11/02 11:13:03 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A1D2856F3EC3C86EBBF1442B0245A8B3 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c8c1cf8f072b6166\winlogon.exe.mui
< MD5 for: WINLOGON.EXE-DEDDC9B6.PF >
[2014/03/30 09:37:45 | 000,059,370 | ---- | M] () MD5=BEF0F1322E483BBB962D2906579C4851 -- C:\Windows\Prefetch\WINLOGON.EXE-DEDDC9B6.pf
< MD5 for: WINLOGON.MOF >
[2006/09/18 17:38:40 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\SysNative\wbem\winlogon.mof
[2006/09/18 17:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\SysWOW64\wbem\winlogon.mof
[2006/09/18 17:38:40 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_da20a358315a3dca\winlogon.mof
[2006/09/18 17:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_7e0207d478fccc94\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2013/06/03 19:28:41 | 000,000,804 | ---- | M] () -- C:\$R19YHM5.lnk5z818
[2014/01/24 16:06:40 | 000,000,339 | ---- | M] () -- C:\1404147.lnk30854
[2010/04/18 19:37:51 | 000,002,044 | ---- | M] () -- C:\ABBYY FineReader 6.0 Sprint.lnkui830
[2011/10/17 18:23:17 | 000,001,673 | ---- | M] () -- C:\About Bonjour.lnkhs826
[2014/01/24 16:01:09 | 000,000,311 | ---- | M] () -- C:\AdvancedViewer.lnkro899
[2014/01/24 16:06:40 | 000,000,487 | ---- | M] () -- C:\AInfoBottom.lnke9903
[2014/01/24 16:06:12 | 000,000,582 | ---- | M] () -- C:\baginfo.lnk4y907
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/06/24 06:22:20 | 000,546,872 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
[2014/01/24 16:01:09 | 000,000,179 | ---- | M] () -- C:\CD Drive (2).lnkxw917
[2013/06/03 20:21:14 | 000,000,193 | ---- | M] () -- C:\CD Drive.lnkqn921
[2014/01/24 15:41:22 | 000,000,253 | ---- | M] () -- C:\data (2).lnkbi89
[2014/01/24 15:41:22 | 000,000,360 | ---- | M] () -- C:\data.lnkbi94
[2009/08/21 05:28:54 | 000,001,962 | ---- | M] () -- C:\Dell Remote Access.lnkyk834
[2009/03/15 00:59:55 | 000,003,159 | RH-- | M] () -- C:\dell.sdr
[2014/01/24 15:44:25 | 000,000,473 | ---- | M] () -- C:\DocHead.lnkx4102
[2014/01/24 15:47:46 | 000,000,473 | ---- | M] () -- C:\DocInfo.lnkzj107
[2013/07/05 17:36:15 | 000,000,710 | ---- | M] () -- C:\DPA_Autopay_Form_Revised_pdf.iva1b9e.lnk7u111
[2013/07/05 17:03:08 | 000,000,000 | ---- | M] () -- C:\END
[2013/07/05 17:26:20 | 000,000,640 | ---- | M] () -- C:\Entry_aspx (1).wqcxr8m.lnkbf116
[2013/07/05 18:45:44 | 000,000,558 | ---- | M] () -- C:\Entry_aspx.jo7rkdv.lnk2l165
[2013/07/05 17:26:14 | 000,000,620 | ---- | M] () -- C:\Entry_aspx.mxsql6z.lnkxk169
[2014/04/14 06:58:38 | 4255,502,336 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/24 16:05:57 | 000,000,579 | ---- | M] () -- C:\images.fix.lnkl7344
[2014/01/24 15:46:00 | 000,000,457 | ---- | M] () -- C:\Img.lnkts348
[2014/01/24 15:48:08 | 000,000,473 | ---- | M] () -- C:\ImgLeft.lnknw354
[2014/01/24 15:46:41 | 000,000,473 | ---- | M] () -- C:\ImgMain.lnkax359
[2014/01/24 15:52:49 | 000,000,470 | ---- | M] () -- C:\ImgTop.lnkl7364
[2013/06/03 20:21:14 | 000,000,299 | ---- | M] () -- C:\index.lnkbl369
[2013/07/05 18:14:01 | 000,000,710 | ---- | M] () -- C:\launch-download-manager_jnlp.gyyo2ut.lnkpm375
[2014/01/24 16:06:15 | 000,000,587 | ---- | M] () -- C:\metadata.blo.lnk4b452
[2014/01/24 16:06:04 | 000,000,587 | ---- | M] () -- C:\metadata.idx.lnke6593
[2014/04/14 06:58:34 | 274,145,279 | -HS- | M] () -- C:\pagefile.sys
[2014/01/24 15:52:14 | 000,000,465 | ---- | M] () -- C:\PInfo.lnk0a667
[2014/01/24 15:52:04 | 000,000,481 | ---- | M] () -- C:\ScriptInf.sif.lnk4e671
[2014/01/24 15:36:57 | 000,000,587 | ---- | M] () -- C:\sequence.blo.lnk44675
[2014/01/24 15:50:04 | 000,000,465 | ---- | M] () -- C:\Study.lnke9702
[2013/06/03 19:27:41 | 000,001,731 | ---- | M] () -- C:\Uninstall.lnkht838
[2014/01/23 22:25:07 | 000,001,055 | ---- | M] () -- C:\Uninstall.lnky4822
[2014/01/24 16:06:24 | 000,000,587 | ---- | M] () -- C:\view0001.dcm.lnkex706
[2014/01/24 16:06:20 | 000,000,587 | ---- | M] () -- C:\view0002.dcm.lnkye805
[2014/01/24 15:49:39 | 000,000,478 | ---- | M] () -- C:\ViewDocs.lnkux843
[2014/01/24 16:06:24 | 000,000,430 | ---- | M] () -- C:\w8159480.lnklk847
< %systemroot%\Fonts\*.com >
[2006/11/02 11:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 11:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 11:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2010/01/12 10:26:18 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 17:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2008/01/20 23:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 1443-F5DB
Directory of C:\
03/25/2009 03:44 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
03/25/2009 03:44 PM <JUNCTION> Application Data [C:\ProgramData]
03/25/2009 03:44 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
03/25/2009 03:44 PM <JUNCTION> Documents [C:\Users\Public\Documents]
03/25/2009 03:44 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
03/25/2009 03:44 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
03/25/2009 03:44 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
03/25/2009 03:44 PM <SYMLINKD> All Users [C:\ProgramData]
03/25/2009 03:44 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
03/25/2009 03:44 PM <JUNCTION> Application Data [C:\ProgramData]
03/25/2009 03:44 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
03/25/2009 03:44 PM <JUNCTION> Documents [C:\Users\Public\Documents]
03/25/2009 03:44 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
03/25/2009 03:44 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
03/25/2009 03:44 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
03/25/2009 03:44 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
03/25/2009 03:44 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
03/25/2009 03:44 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
03/25/2009 03:44 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
03/25/2009 03:44 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/25/2009 03:44 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/25/2009 03:44 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
03/25/2009 03:44 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
03/25/2009 03:44 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
03/25/2009 03:44 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
03/25/2009 03:44 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
03/25/2009 03:44 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
03/25/2009 03:44 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
03/25/2009 03:44 PM <JUNCTION> My Music [C:\Users\Default\Music]
03/25/2009 03:44 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
03/25/2009 03:44 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
03/25/2009 03:44 PM <JUNCTION> My Music [C:\Users\Public\Music]
03/25/2009 03:44 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
03/25/2009 03:44 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\RA Media Server
12/15/2009 05:13 PM <JUNCTION> Application Data [C:\Users\RA Media Server\AppData\Roaming]
12/15/2009 05:13 PM <JUNCTION> Cookies [C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Cookies]
12/15/2009 05:13 PM <JUNCTION> Local Settings [C:\Users\RA Media Server\AppData\Local]
12/15/2009 05:13 PM <JUNCTION> My Documents [C:\Users\RA Media Server\Documents]
12/15/2009 05:13 PM <JUNCTION> NetHood [C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/15/2009 05:13 PM <JUNCTION> PrintHood [C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/15/2009 05:13 PM <JUNCTION> Recent [C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Recent]
12/15/2009 05:13 PM <JUNCTION> SendTo [C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\SendTo]
12/15/2009 05:13 PM <JUNCTION> Start Menu [C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu]
12/15/2009 05:13 PM <JUNCTION> Templates [C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\RA Media Server\AppData\Local
12/15/2009 05:13 PM <JUNCTION> Application Data [C:\Users\RA Media Server\AppData\Local]
12/15/2009 05:13 PM <JUNCTION> History [C:\Users\RA Media Server\AppData\Local\Microsoft\Windows\History]
12/15/2009 05:13 PM <JUNCTION> Temporary Internet Files [C:\Users\RA Media Server\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\RA Media Server\Documents
12/15/2009 05:13 PM <JUNCTION> My Music [C:\Users\RA Media Server\Music]
12/15/2009 05:13 PM <JUNCTION> My Pictures [C:\Users\RA Media Server\Pictures]
12/15/2009 05:13 PM <JUNCTION> My Videos [C:\Users\RA Media Server\Videos]
0 File(s) 0 bytes
Directory of C:\Users\viccherry
03/25/2009 03:47 PM <JUNCTION> Application Data [C:\Users\viccherry\AppData\Roaming]
03/25/2009 03:47 PM <JUNCTION> Cookies [C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\Cookies]
03/25/2009 03:47 PM <JUNCTION> Local Settings [C:\Users\viccherry\AppData\Local]
03/25/2009 03:47 PM <JUNCTION> My Documents [C:\Users\viccherry\Documents]
03/25/2009 03:47 PM <JUNCTION> NetHood [C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/25/2009 03:47 PM <JUNCTION> PrintHood [C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/25/2009 03:47 PM <JUNCTION> Recent [C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\Recent]
03/25/2009 03:47 PM <JUNCTION> SendTo [C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\SendTo]
03/25/2009 03:47 PM <JUNCTION> Start Menu [C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\Start Menu]
03/25/2009 03:47 PM <JUNCTION> Templates [C:\Users\viccherry\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\viccherry\AppData\Local
03/25/2009 03:47 PM <JUNCTION> Application Data [C:\Users\viccherry\AppData\Local]
03/25/2009 03:47 PM <JUNCTION> History [C:\Users\viccherry\AppData\Local\Microsoft\Windows\History]
03/25/2009 03:47 PM <JUNCTION> Temporary Internet Files [C:\Users\viccherry\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\viccherry\AppData\LocalLow
12/30/2010 08:56 PM <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\viccherry\Documents
03/25/2009 03:47 PM <JUNCTION> My Music [C:\Users\viccherry\Music]
03/25/2009 03:47 PM <JUNCTION> My Pictures [C:\Users\viccherry\Pictures]
03/25/2009 03:47 PM <JUNCTION> My Videos [C:\Users\viccherry\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
03/14/2009 10:31 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
03/14/2009 10:31 PM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
03/14/2009 10:31 PM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
03/14/2009 10:31 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
03/14/2009 10:31 PM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
03/14/2009 10:31 PM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile
03/14/2009 10:31 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
03/14/2009 10:31 PM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
03/14/2009 10:31 PM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local
03/14/2009 10:31 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
03/14/2009 10:31 PM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
03/14/2009 10:31 PM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
79 Dir(s) 112,114,913,280 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/04/01 17:19:29 | 000,000,286 | -HS- | M] () -- C:\Users\viccherry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2014/04/13 20:44:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\viccherry\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >