Hello,
I was directed here to check my laptop for malware.
OTL logfile created on: 10/8/2014 2:07:01 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MAGMAM\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: Australia | Language: EN | Date Format: dd/MM/yyyy
2.94 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 38.70% Memory free
7.32 Gb Paging File | 2.70 Gb Available in Paging File | 36.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 275.89 Gb Total Space | 13.57 Gb Free Space | 4.92% Space Free | Partition Type: NTFS
Drive D: | 16.90 Gb Total Space | 0.10 Gb Free Space | 0.61% Space Free | Partition Type: NTFS
Drive E: | 5.00 Gb Total Space | 0.18 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive G: | 1.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 0.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 300.00 Mb Total Space | 258.79 Mb Free Space | 86.27% Space Free | Partition Type: NTFS
Drive J: | 9.47 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 7.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive L: | 6.81 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive M: | 5.66 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: MAGMAM-PC | User Name: MAGMAM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
PRC - C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe (Ginger Software)
PRC - C:\Program Files\Ginger\GingerServices\GingerServices.exe (Ginger Software)
PRC - C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
PRC - C:\Program Files\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe ()
PRC - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Windows\System32\osk.exe (Microsoft Corporation)
PRC - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hotspot Shield\bin\HSSCP.exe (AnchorFree Inc.)
PRC - C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.)
PRC - C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (AVG)
PRC - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG)
PRC - C:\Users\MAGMAM\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
PRC - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe (Disc Soft Ltd)
PRC - C:\ProgramData\MobileBrServ\mbbService.exe ()
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
PRC - C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files\netcut\netcut.exe (Arcai.com)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\WebcamMax\wcmmon.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll ()
MOD - C:\Program Files\Google\Chrome\Application\38.0.2125.101\libegl.dll ()
MOD - c:\Program Files\Real\RealPlayer\RPDS\Lib\r1api.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e8d9058b7f59f6d3d134b086916d8674\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0c9f47f2c82f0232a48a737193672197\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\349461c3a273efc2b4bd643c2645bd70\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2508b25b4d961a45659a8a8f128818a1\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3f2952ec748f60fbb5deacfc4db0a2a3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8b7f86e5a6f0aa23f4b25dfeeaa6b318\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3fad44f7fd9f6c117eb02265ab63f80d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5bf56d6064af88d8812a3f78e0dfd376\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4c4507612d22786d45594a65a0213c1f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95854f4f1f37b8eab1b1e3d7103b48ef\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll ()
MOD - C:\Program Files\Hotspot Shield\bin\af_proxy.dll ()
MOD - C:\Program Files\Notepad++\NppShell_06.dll ()
MOD - C:\Program Files\Software Informer\cef\libcef.dll ()
MOD - C:\Program Files\Notepad++\plugins\NppFTP.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\System32\IccLibDll.dll ()
MOD - C:\Program Files\Notepad++\plugins\NppExport.dll ()
MOD - C:\Program Files\WebcamMax\wcmmon.exe ()
MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (APNMCP) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
SRV - (RealPlayer Cloud Service) -- c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
SRV - (TeamViewer9) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (GingerUpdateService) -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe (Ginger Software)
SRV - (avgfws) -- C:\Program Files\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (RealPlayerUpdateSvc) -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe ()
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (c2cautoupdatesvc) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (HPSupportSolutionsFrameworkService) -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
SRV - (HssTrayService) -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe ()
SRV - (hshld) -- C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.)
SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (AVG)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (wxpSvc) -- C:\Program Files\webcamXP5\wService.exe (Moonware Studios)
SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Disc Soft Bus Service) -- C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe (Disc Soft Ltd)
SRV - (Mobile Broadband HL Service) -- C:\ProgramData\MobileBrServ\mbbService.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (NitroReaderDriverReadSpool3) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (Riverbed Technology, Inc.)
SRV - (ICCS) -- C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AIPS) -- C:\Program Files\netcut\services\aips.exe (Arcai.com)
SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (catchme) -- C:\Users\MAGMAM\AppData\Local\Temp\catchme.sys File not found
DRV - (BprotectEx) -- C:\Windows\System32\drivers\BprotectEx.sys File not found
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (HssDRV6) -- C:\Windows\System32\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV - (taphss6) -- C:\Windows\System32\drivers\taphss6.sys (Anchorfree Inc.)
DRV - (MBAMWebAccessControl) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (TBIMount) -- C:\Windows\System32\drivers\TBIMount.sys (TeraByte, Inc.)
DRV - (dtscsibus) -- C:\Windows\System32\drivers\dtscsibus.sys (Disc Soft Ltd)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (Bhbase) -- C:\Windows\System32\drivers\Bhbase.sys (Baidu, Inc.)
DRV - (phylock) -- C:\Windows\System32\drivers\phylock.sys (TeraByte, Inc.)
DRV - (Apowersoft_AudioDevice) -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel® Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (Riverbed Technology, Inc.)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Qualcomm Atheros Communications, Inc.)
DRV - (WCMVCAM) -- C:\Windows\System32\drivers\wcmvcam.sys (Windows ® Win 7 DDK provider)
DRV - (WinDriver6) -- C:\Windows\System32\drivers\windrvr6.sys (Jungo)
DRV - (XilinxPC4Driver) -- C:\Windows\System32\drivers\xpc4drvr.sys (Xilinx, Inc.)
DRV - (hpdskflt) -- C:\Windows\System32\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_usbenumfilter) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (tsusbhub) -- C:\Windows\System32\drivers\tsusbhub.sys (Microsoft Corporation)
DRV - (Synth3dVsc) -- C:\Windows\System32\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {77AA745B-F4F8-45DA-9B14-61D2D95054C8}
IE - HKCU\..\SearchScopes,DefaultScope = {0001612C-7A4C-413E-AE24-A0533160057F}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://mysearch.avg.com/search?cid={D9444AAD-89CD-4199-B024-73EC10916BD1}&mid=6bce5ce22d7947d39831b9ea824161c4-df9ce6dce916111b504e34f7134076bab6351bc4&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-21 14:56:29&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: ffxtlbra%40softonic.com:1.6.0
FF - prefs.js..extensions.enabledAddons: %7B285ACFBB-8E53-4feb-90E6-F02A128927F3%7D:1.2.6
FF - prefs.js..extensions.enabledAddons: %7Bf9d03c26-0575-497e-821d-f7956d23e0ca%7D:3.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.type:
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.13.2: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.13: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.13.2: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\gingersoftware.com/gingerPlugin: C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll (Ginger Software)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/09/17 20:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\chknq@jrkbwgoi.org: C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\extensions\chknq@jrkbwgoi.org
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\adapter@gingersoftware.com: C:\Program Files\Ginger\Mozilla\adapter@gingersoftware.com [2014/09/16 18:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\firefox@gingersoftware.2.0.0.74.com: C:\Program Files\Ginger\Mozilla\firefox@gingersoftware.2.0.0.74.com [2014/05/18 03:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9D2AA73B-6049-4799-B8AC-925723370070}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/09/17 20:13:37 | 000,000,000 | ---D | M]
[2013/08/04 12:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Extensions
[2014/10/06 02:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions
[2014/10/06 02:48:18 | 000,000,000 | ---D | M] (Hotspot Shield) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2014/02/14 00:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profilesop84hkh5.default\extensions
[2014/02/14 00:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profilesop84hkh5.default\extensions\staged
[2013/12/24 06:40:42 | 000,065,077 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\ffxtlbra@softonic.com.xpi
[2014/02/10 18:44:27 | 000,490,422 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi
[2012/05/25 17:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/12/29 21:25:31 | 000,002,842 | ---- | M] () (No name found) -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
[2014/02/15 10:14:35 | 000,004,000 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Mozilla\Firefox\Profiles\op84hkh5.default\searchplugins\ZenSearch.xml
[2013/08/02 16:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg\8.10_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_28\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\MAGMAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014/02/22 15:48:54 | 000,000,221 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 anchorfree.net
O1 - Hosts: 127.0.0.1 rss2search.com
O1 - Hosts: 127.0.0.1 techbrowsing.com
O1 - Hosts: 127.0.0.1 box.anchorfree.net
O1 - Hosts: 127.0.0.1 www.mefeedia.com
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 www.mefeedia.com
O2 - BHO: (Ginger Grammar & Spell Checker) - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (FoxPro Class) - {598AC71E-BE58-3981-B78A-5C138F423AD6} - C:\Users\MAGMAM\AppData\Roaming\VolIE\FoxPro_32.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Ultra Agent] C:\Program Files\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_6116CBA5655B8B1266EAB4041CDFAAA1] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKCU..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe (CBS Software)
O4 - HKCU..\Run: [uTorrent] C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [WebcamMaxAutoRun] C:\Program Files\WebcamMax\wcmmon.exe ()
O4 - Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra Button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.136.58.190 62.209.25.155
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D02B2D8-4A6D-423F-9874-ECF283BB2542}: DhcpNameServer = 83.136.58.190 62.209.25.155
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999/12/12 00:00:00 | 000,000,041 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2013/09/03 11:39:13 | 000,000,043 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008/11/15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - K:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/11 19:03:48 | 000,000,054 | R--- | M] () - K:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/11/09 03:32:49 | 000,000,041 | R--- | M] () - L:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013/05/07 16:57:07 | 000,000,000 | ---D | M] - M:\Autorun -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (AVG)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.bdmpeg - C:\Windows\System32\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: vidc.mjpg - C:\Windows\System32\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\System32\bdmpegv.dll ()
Drivers32: vidc.xtor - C:\Windows\System32\DxtoryCodec.dll (Dxtory Software)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/10/06 04:34:45 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Desktop\GMT.KZ_FIFA_15_Ultimate_Team_Edition
[2014/10/06 02:36:06 | 000,039,624 | ---- | C] (AnchorFree Inc.) -- C:\Windows\System32\drivers\hssdrv6.sys
[2014/10/06 02:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2014/10/06 02:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2014/10/06 02:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Hotspot Shield
[2014/10/06 02:11:53 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\Hotspot Shield
[2014/10/03 08:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Micro
[2014/10/03 08:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\ReMouse Micro
[2014/10/03 08:32:40 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Documents\AutomaticSolution Software
[2014/10/03 08:28:57 | 001,006,592 | ---- | C] (AutomaticSolution Software ) -- C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
[2014/09/30 21:28:26 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/09/24 04:47:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/09/20 03:46:34 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Documents\New folder
[2014/09/20 00:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/09/20 00:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/09/17 20:15:20 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\RealNetworks
[2014/09/17 20:15:05 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Local\AskPartnerNetwork
[2014/09/17 20:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2014/09/17 20:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork
[2014/09/17 20:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/09/17 20:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/09/17 20:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2014/09/17 20:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2014/09/14 23:28:34 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\Documents\My Received Files
[2014/09/14 01:51:12 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
[2014/09/14 01:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\Paltalk Messenger
[2014/09/14 01:41:29 | 001,758,592 | ---- | C] (AVM Software Inc.) -- C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
[2014/09/12 21:17:21 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\VolIE
[2014/09/12 21:17:05 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\ARHome
[2014/09/12 02:35:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/09/12 02:35:12 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/09/12 02:35:11 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/09/12 02:35:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/09/12 02:35:10 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/09/12 02:35:10 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/09/12 02:35:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/09/12 02:35:09 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/09/12 02:35:09 | 000,365,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/09/12 02:35:09 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/09/12 02:35:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/09/12 02:35:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/09/12 02:35:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/09/12 02:35:07 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/09/12 02:35:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/09/12 02:35:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/09/12 02:35:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/09/12 02:35:06 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/09/12 02:35:06 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/09/12 02:35:05 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/09/12 02:35:05 | 000,327,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/09/12 02:34:59 | 004,232,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/09/12 02:34:58 | 002,014,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/09/12 02:32:21 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/09/11 15:54:38 | 000,000,000 | ---D | C] -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotspot Shield v2.88 Elite Final Full
[2014/09/11 15:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\S.P.D
[2014/09/11 04:01:30 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/09/11 04:01:28 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2014/09/11 04:01:25 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/09/11 04:01:25 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2 C:\Users\MAGMAM\Desktop\*.tmp files -> C:\Users\MAGMAM\Desktop\*.tmp -> ]
[18 C:\Users\MAGMAM\Documents\*.tmp files -> C:\Users\MAGMAM\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/10/08 02:16:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/08 01:44:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/07 22:22:28 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/10/07 21:58:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/07 21:12:00 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2014/10/07 13:44:01 | 000,000,826 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/07 09:19:09 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2014/10/07 09:18:47 | 2370,592,768 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/06 04:15:20 | 000,355,328 | ---- | M] () -- C:\Users\MAGMAM\Desktop\FIFA15Downloader__7934_il2533458.exe
[2014/10/06 02:46:17 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2014/10/06 02:45:38 | 000,000,009 | ---- | M] () -- C:\END
[2014/10/06 02:20:25 | 000,028,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/06 02:20:25 | 000,028,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/06 02:10:17 | 008,052,240 | ---- | M] () -- C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
[2014/10/05 20:01:36 | 009,083,136 | ---- | M] () -- C:\Users\MAGMAM\Documents\DJ Sharaz - Shake It, Bake It, Booty Quake It _ Facebook.mp4
[2014/10/03 08:32:49 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\ReMouse Micro.lnk
[2014/10/03 08:29:04 | 001,006,592 | ---- | M] (AutomaticSolution Software ) -- C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
[2014/10/01 22:52:22 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/01 22:30:45 | 000,723,764 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2014/10/01 22:30:45 | 000,719,346 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2014/10/01 22:30:45 | 000,708,626 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2014/10/01 22:30:45 | 000,651,428 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2014/10/01 22:30:45 | 000,153,656 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2014/10/01 22:30:45 | 000,148,406 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2014/10/01 22:30:45 | 000,140,750 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2014/10/01 22:30:44 | 000,735,104 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014/10/01 22:30:44 | 000,685,370 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/10/01 22:30:44 | 000,657,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/10/01 22:30:44 | 000,504,160 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2014/10/01 22:30:44 | 000,481,930 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2014/10/01 22:30:44 | 000,156,622 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014/10/01 22:30:44 | 000,151,592 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2014/10/01 22:30:44 | 000,130,982 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/10/01 22:30:44 | 000,122,894 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/10/01 22:30:44 | 000,099,408 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2014/10/01 22:30:44 | 000,095,656 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2014/10/01 22:25:16 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\WinZipDriverUpdater_UPDATES.job
[2014/10/01 02:22:14 | 009,303,162 | ---- | M] () -- C:\Users\MAGMAM\Documents\Benjo Tabora _ Facebook.mp4
[2014/09/30 17:22:24 | 000,011,644 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10704003_1471577439796538_4006392485479956584_n.jpg
[2014/09/30 04:02:07 | 000,009,532 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10629573_814350365252447_3153925028573009385_n.jpg
[2014/09/30 04:01:01 | 000,010,940 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10303294_814333115254172_3127307523454080139_n.jpg
[2014/09/30 03:47:32 | 000,020,954 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10653821_678308628957196_1338467909795394739_n.jpg
[2014/09/24 10:29:37 | 000,045,550 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10653767_889632104447233_5108268957931399378_n.jpg
[2014/09/24 05:16:53 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/09/24 05:16:53 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/09/23 06:20:17 | 012,443,664 | ---- | M] () -- C:\Users\MAGMAM\Documents\Nova 106.9 _ Facebook.mp4
[2014/09/20 00:53:27 | 000,001,012 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/09/20 00:53:04 | 000,000,982 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Dropbox.lnk
[2014/09/20 00:47:15 | 000,002,509 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/09/20 00:05:10 | 000,443,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/09/19 01:52:01 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/09/18 02:04:36 | 000,423,971 | ---- | M] () -- C:\Users\MAGMAM\Documents\Capturec.PNG
[2014/09/17 20:13:51 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/09/17 20:12:13 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2014/09/17 20:11:56 | 000,001,206 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014/09/17 20:11:34 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2014/09/16 18:01:41 | 000,002,983 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk
[2014/09/16 18:01:41 | 000,002,949 | ---- | M] () -- C:\Users\Public\Desktop\Ginger.lnk
[2014/09/15 00:21:31 | 000,048,399 | ---- | M] () -- C:\Users\MAGMAM\Documents\Captureb.PNG
[2014/09/14 01:51:13 | 000,001,985 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
[2014/09/14 01:51:12 | 000,001,965 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,941 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,216 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:51:11 | 000,001,216 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:42:20 | 001,758,592 | ---- | M] (AVM Software Inc.) -- C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
[2014/09/14 01:34:46 | 000,090,481 | ---- | M] () -- C:\Users\MAGMAM\Documents\Capturea.PNG
[2014/09/12 21:17:45 | 000,001,085 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2014/09/12 21:17:45 | 000,001,061 | ---- | M] () -- C:\Users\MAGMAM\Desktop\FinalMediaPlayer.lnk
[2014/09/12 21:17:17 | 000,004,772 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\ext.crx
[2014/09/12 21:17:13 | 000,003,072 | ---- | M] () -- C:\Users\MAGMAM\AppData\Roaming\chrome-extension.localstorage
[2014/09/11 15:54:39 | 000,002,292 | ---- | M] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Best VPN Soft Special Offer.lnk
[2014/09/11 15:54:39 | 000,002,268 | ---- | M] () -- C:\Users\MAGMAM\Desktop\Best VPN Soft Special Offer.lnk
[2014/09/11 04:11:11 | 000,070,424 | ---- | M] () -- C:\Users\MAGMAM\Desktop\10511200_769102246518214_3902462020799876321_n.jpg
[2014/09/09 23:47:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2 C:\Users\MAGMAM\Desktop\*.tmp files -> C:\Users\MAGMAM\Desktop\*.tmp -> ]
[18 C:\Users\MAGMAM\Documents\*.tmp files -> C:\Users\MAGMAM\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/10/06 04:15:18 | 000,355,328 | ---- | C] () -- C:\Users\MAGMAM\Desktop\FIFA15Downloader__7934_il2533458.exe
[2014/10/06 02:46:17 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2014/10/06 02:45:37 | 000,000,009 | ---- | C] () -- C:\END
[2014/10/06 02:09:04 | 008,052,240 | ---- | C] () -- C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
[2014/10/05 20:00:18 | 009,083,136 | ---- | C] () -- C:\Users\MAGMAM\Documents\DJ Sharaz - Shake It, Bake It, Booty Quake It _ Facebook.mp4
[2014/10/03 08:32:49 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\ReMouse Micro.lnk
[2014/10/01 02:20:56 | 009,303,162 | ---- | C] () -- C:\Users\MAGMAM\Documents\Benjo Tabora _ Facebook.mp4
[2014/09/30 17:22:23 | 000,011,644 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10704003_1471577439796538_4006392485479956584_n.jpg
[2014/09/30 04:02:07 | 000,009,532 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10629573_814350365252447_3153925028573009385_n.jpg
[2014/09/30 04:01:00 | 000,010,940 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10303294_814333115254172_3127307523454080139_n.jpg
[2014/09/30 03:46:55 | 000,020,954 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10653821_678308628957196_1338467909795394739_n.jpg
[2014/09/24 10:27:26 | 000,045,550 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10653767_889632104447233_5108268957931399378_n.jpg
[2014/09/23 06:18:37 | 012,443,664 | ---- | C] () -- C:\Users\MAGMAM\Documents\Nova 106.9 _ Facebook.mp4
[2014/09/20 00:47:15 | 000,002,509 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/09/19 01:52:01 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/09/19 01:52:01 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/09/18 02:04:35 | 000,423,971 | ---- | C] () -- C:\Users\MAGMAM\Documents\Capturec.PNG
[2014/09/17 20:13:51 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/09/15 00:21:30 | 000,048,399 | ---- | C] () -- C:\Users\MAGMAM\Documents\Captureb.PNG
[2014/09/14 01:51:13 | 000,001,985 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
[2014/09/14 01:51:12 | 000,001,965 | ---- | C] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,941 | ---- | C] () -- C:\Users\MAGMAM\Desktop\Paltalk Messenger.lnk
[2014/09/14 01:51:12 | 000,001,216 | ---- | C] () -- C:\Users\MAGMAM\Desktop\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:51:11 | 000,001,216 | ---- | C] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
[2014/09/14 01:34:46 | 000,090,481 | ---- | C] () -- C:\Users\MAGMAM\Documents\Capturea.PNG
[2014/09/12 21:17:17 | 000,004,772 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\ext.crx
[2014/09/12 21:17:13 | 000,003,072 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\chrome-extension.localstorage
[2014/09/11 15:54:39 | 000,002,292 | ---- | C] () -- C:\Users\MAGMAM\Application Data\Microsoft\Internet Explorer\Quick Launch\Best VPN Soft Special Offer.lnk
[2014/09/11 15:54:39 | 000,002,268 | ---- | C] () -- C:\Users\MAGMAM\Desktop\Best VPN Soft Special Offer.lnk
[2014/09/11 04:10:57 | 000,070,424 | ---- | C] () -- C:\Users\MAGMAM\Desktop\10511200_769102246518214_3902462020799876321_n.jpg
[2014/05/29 01:05:15 | 000,000,017 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\brite
[2014/05/19 23:17:31 | 000,000,408 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\CamShapes.ini
[2014/05/19 23:17:31 | 000,000,408 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\CamLayout.ini
[2014/05/19 23:17:31 | 000,000,054 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\Camdata.ini
[2014/05/19 23:13:39 | 000,004,535 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\CamStudio.cfg
[2014/05/19 23:09:10 | 000,000,096 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\version2.xml
[2014/05/06 18:23:16 | 000,723,802 | ---- | C] () -- C:\Windows\System32\unins000.exe
[2014/05/06 18:23:16 | 000,398,136 | ---- | C] () -- C:\Windows\System32\H264Decoder.dll
[2014/05/06 18:23:15 | 000,000,988 | ---- | C] () -- C:\Windows\System32\unins000.dat
[2014/02/20 18:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2014/01/25 18:53:27 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2014/01/25 15:06:16 | 000,000,252 | ---- | C] () -- C:\Windows\System32\msdllhlp.dll
[2014/01/23 12:57:59 | 000,091,224 | ---- | C] () -- C:\Windows\tbicd2hd.exe
[2014/01/21 21:50:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/21 21:50:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/21 21:50:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/21 21:50:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/21 21:50:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/20 13:19:33 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014/01/19 08:01:14 | 000,010,729 | ---- | C] () -- C:\Users\MAGMAM\gsview32.ini
[2014/01/14 13:29:02 | 000,000,040 | ---- | C] () -- C:\Windows\gsview32.ini
[2014/01/07 01:40:34 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2014/01/07 01:40:33 | 000,685,370 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2014/01/07 01:40:33 | 000,130,982 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2014/01/07 01:40:33 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2014/01/07 01:40:32 | 000,289,060 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2014/01/07 01:40:29 | 000,481,930 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2014/01/07 01:40:29 | 000,095,656 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2014/01/07 01:40:29 | 000,042,056 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2013/12/19 00:19:06 | 000,000,027 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\WB.CFG
[2013/11/27 18:41:18 | 000,361,984 | ---- | C] () -- C:\Windows\System32\LiveWrapRTSP.dll
[2013/11/07 02:02:16 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013/11/07 02:02:12 | 000,077,312 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2013/10/30 03:52:54 | 000,161,880 | ---- | C] () -- C:\Windows\System32\pca-manta.bin
[2013/10/30 03:52:54 | 000,000,092 | ---- | C] () -- C:\Windows\System32\calibration.bin
[2013/10/11 09:18:55 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013/10/11 09:18:55 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013/10/11 09:18:54 | 000,001,786 | ---- | C] () -- C:\Windows\unins000.dat
[2013/09/29 00:06:42 | 000,015,585 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard47.ini
[2013/09/29 00:03:48 | 000,015,246 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard_cct.ini
[2013/09/28 22:12:15 | 000,014,654 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard-XQ.ini
[2013/09/28 22:06:53 | 000,015,178 | ---- | C] () -- C:\Users\MAGMAM\AppData\Roaming\winboard_ics.ini
[2013/09/24 02:24:01 | 000,000,588 | ---- | C] () -- C:\Users\MAGMAM\Xilinx_Connect_Later.html
[2013/08/15 20:26:19 | 000,735,104 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2013/08/15 20:26:19 | 000,723,764 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2013/08/15 20:26:19 | 000,719,346 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2013/08/15 20:26:19 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2013/08/15 20:26:19 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2013/08/15 20:26:19 | 000,336,656 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2013/08/15 20:26:19 | 000,156,622 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2013/08/15 20:26:19 | 000,153,656 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2013/08/15 20:26:19 | 000,151,592 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2013/08/15 20:26:19 | 000,040,548 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2013/08/15 20:26:19 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2013/08/15 20:26:19 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2013/08/15 20:26:18 | 000,708,626 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2013/08/15 20:26:18 | 000,504,160 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2013/08/15 20:26:18 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2013/08/15 20:26:18 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2013/08/15 20:26:18 | 000,148,406 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2013/08/15 20:26:18 | 000,099,408 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2013/08/15 20:26:18 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2013/08/15 20:26:18 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2013/08/14 19:44:58 | 000,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2013/08/14 19:44:57 | 000,651,428 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2013/08/14 19:44:57 | 000,037,160 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2013/08/14 19:44:56 | 000,140,750 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2013/08/07 17:16:18 | 000,007,595 | ---- | C] () -- C:\Users\MAGMAM\AppData\Local\Resmon.ResmonCfg
[2013/08/07 03:45:09 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2013/08/05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2013/08/05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2013/08/02 17:48:08 | 000,001,246 | RHS- | C] () -- C:\Users\MAGMAM\ntuser.pol
[2013/08/02 17:25:27 | 000,000,170 | ---- | C] () -- C:\Users\MAGMAM\.packettracer
[2013/03/09 01:32:48 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2013/03/01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2012/12/14 02:02:20 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012/12/14 02:02:20 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012/12/14 02:02:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/12/14 02:02:16 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012/11/28 09:42:06 | 001,826,784 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2012/11/28 09:42:06 | 000,026,464 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/11/28 09:42:06 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011/03/24 08:50:52 | 000,226,366 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
========== ZeroAccess Check ==========
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/01/23 10:52:09 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\1O1L1I1PtF1F1C1N
[2014/05/18 03:50:36 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Acapela Group
[2014/05/19 22:41:32 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Apowersoft
[2014/02/20 04:05:12 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Arduino
[2014/09/12 22:21:11 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\ARHome
[2014/04/28 09:27:16 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\AVG
[2014/04/28 08:52:45 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\AVG2014
[2013/08/31 01:10:23 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Baidu Security
[2013/10/11 09:52:46 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\BANDISOFT
[2013/12/29 21:25:57 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Bonanza
[2013/09/28 14:17:12 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\C-Free
[2013/10/15 09:09:33 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\DAEMON Tools Ult
[2013/11/14 16:29:40 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\DAEMON Tools Ultra
[2014/05/20 10:34:40 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\DefaultTab
[2014/01/21 07:29:45 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Design Science
[2013/08/13 14:13:30 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Downloaded Installations
[2014/10/07 09:21:39 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Dropbox
[2014/01/22 08:28:08 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\FileOpen
[2013/12/16 00:04:39 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\FileZilla
[2014/08/18 15:33:56 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\FinalMediaPlayer
[2014/01/23 13:47:53 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\GenuineRegistryDoctor
[2014/10/06 02:11:53 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Hotspot Shield
[2014/01/20 12:58:49 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Joyvy
[2013/10/15 02:49:27 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\MetalPlayer
[2014/02/14 01:00:33 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\MiniGet
[2014/04/12 16:04:39 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Nitro
[2014/06/13 11:44:34 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Nitro PDF
[2014/10/07 22:52:30 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Notepad++
[2014/09/14 03:50:48 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Paltalk
[2013/09/22 01:34:54 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\ShredderChess
[2014/10/08 02:43:47 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Software Informer
[2013/08/07 12:20:22 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Synaptics
[2014/05/17 03:34:40 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\TeamViewer
[2014/01/27 00:38:08 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\texstudio
[2014/02/26 12:44:09 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\The Creative Assembly
[2014/04/03 01:08:24 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Thinstall
[2013/11/14 16:29:50 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\TuneUp Software
[2014/10/08 02:07:22 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\uTorrent
[2014/06/25 04:43:18 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Vodafone
[2014/09/12 21:17:22 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\VolIE
[2014/02/17 16:17:09 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\WebcamMax
[2014/01/31 03:16:48 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\WinZip
[2014/04/30 03:52:03 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Wireshark
[2014/05/26 15:52:37 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Wise Game Booster
[2013/09/24 04:08:01 | 000,000,000 | ---D | M] -- C:\Users\MAGMAM\AppData\Roaming\Xilinx
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2009/07/13 18:51:38 | 000,004,127 | ---- | M] () MD5=11D428A7E849CB86FC03D5CCCBB49BAB -- C:\Windows\PolicyDefinitions\pt-BR\Explorer.adml
[2009/07/13 18:51:38 | 000,004,127 | ---- | M] () MD5=11D428A7E849CB86FC03D5CCCBB49BAB -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_24730c3a385d056d\Explorer.adml
[2009/07/13 18:48:32 | 000,005,858 | ---- | M] () MD5=18E3D562E7E80B329AE5309E368FD567 -- C:\Windows\PolicyDefinitions\ru-RU\Explorer.adml
[2009/07/13 18:48:32 | 000,005,858 | ---- | M] () MD5=18E3D562E7E80B329AE5309E368FD567 -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_6bf7ed6a1cae0375\Explorer.adml
[2010/11/21 02:38:36 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2010/11/21 02:38:36 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_22d6d5b5cba907ce\Explorer.adml
[2009/07/13 18:48:48 | 000,004,323 | ---- | M] () MD5=8B464AD7793D75D23C8A4EAAA337133D -- C:\Windows\PolicyDefinitions\pt-PT\Explorer.adml
[2009/07/13 18:48:48 | 000,004,323 | ---- | M] () MD5=8B464AD7793D75D23C8A4EAAA337133D -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_2554dba637cc7549\Explorer.adml
[2009/07/13 18:43:52 | 000,004,222 | ---- | M] () MD5=8C8B21F6E582CE8E6A903BF78A8F30A4 -- C:\Windows\PolicyDefinitions\pl-PL\Explorer.adml
[2009/07/13 18:43:52 | 000,004,222 | ---- | M] () MD5=8C8B21F6E582CE8E6A903BF78A8F30A4 -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_221f219639d37189\Explorer.adml
[2009/07/13 18:45:34 | 000,005,115 | ---- | M] () MD5=91DBE271E48163962985E79F116E9EBA -- C:\Windows\PolicyDefinitions\ar-SA\Explorer.adml
[2009/07/13 18:45:34 | 000,005,115 | ---- | M] () MD5=91DBE271E48163962985E79F116E9EBA -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_8e37323606a67dee\Explorer.adml
[2009/07/13 18:46:34 | 000,003,899 | ---- | M] () MD5=CCBB9E6634BFB875E7EEC651EE423C7D -- C:\Windows\PolicyDefinitions\da-DK\Explorer.adml
[2009/07/13 18:46:34 | 000,003,899 | ---- | M] () MD5=CCBB9E6634BFB875E7EEC651EE423C7D -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_7cba6a80daf4a76f\Explorer.adml
[2009/07/13 18:51:38 | 000,004,042 | ---- | M] () MD5=D27774F906BAD75420F5C0AC0A31911A -- C:\Windows\PolicyDefinitions\tr-TR\Explorer.adml
[2009/07/13 18:51:38 | 000,004,042 | ---- | M] () MD5=D27774F906BAD75420F5C0AC0A31911A -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_b100222602930fc1\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009/06/10 23:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/10 23:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\x86_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_1590ffd752297581\Explorer.admx
< MD5 for: EXPLORER.BH3 >
[2003/04/19 01:57:40 | 000,014,023 | ---- | M] () MD5=7A8BC9CC3B897C66F90F94952EE1F40E -- C:\Program Files (x86)\Microsoft Games\Rise of Nations\art\explorer.bh3
[2003/04/19 01:57:40 | 000,014,023 | ---- | M] () MD5=7A8BC9CC3B897C66F90F94952EE1F40E -- C:\Program Files\Microsoft Games\Rise of Nations\art\explorer.bh3
< MD5 for: EXPLORER.BMP >
[2001/08/03 10:44:58 | 000,000,886 | ---- | M] () MD5=A69B77C6B94CB3F0AE2077FDEEC2A6CD -- C:\Program Files\WinEdt Team\WinEdt\Bitmaps\Images\Explorer.bmp
[2001/08/03 10:44:58 | 000,001,398 | ---- | M] () MD5=F7347D709D614D76A51526BD430FE961 -- C:\Program Files\WinEdt Team\WinEdt\Bitmaps\Buttons\Explorer.bmp
< MD5 for: EXPLORER.EXE >
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/05/13 01:00:16 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: EXPLORER.EXE.5344.DMP >
[2014/10/08 01:43:08 | 001,408,513 | ---- | M] () MD5=52A9274C34C81CE607A6252C05B17C22 -- C:\Users\MAGMAM\AppData\Local\CrashDumps\explorer.exe.5344.dmp
< MD5 for: EXPLORER.EXE.MUI >
[2009/07/13 18:43:20 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=3F17C383DA8DB4A20F404BB1F506EC88 -- C:\Windows\tr-TR\explorer.exe.mui
[2009/07/13 18:43:20 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=3F17C383DA8DB4A20F404BB1F506EC88 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_93f229b10bdf6858\explorer.exe.mui
[2009/07/13 18:42:18 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4435076659C5283C7C8019B8F840AF66 -- C:\Windows\th-TH\explorer.exe.mui
[2009/07/13 18:42:18 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4435076659C5283C7C8019B8F840AF66 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_th-th_8fef011d0e6823a8\explorer.exe.mui
[2009/07/13 18:29:40 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=5C2E519A4194C91460DB9550F1EE0ED9 -- C:\Windows\bg-BG\explorer.exe.mui
[2009/07/13 18:29:40 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=5C2E519A4194C91460DB9550F1EE0ED9 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_17691b4a007327dc\explorer.exe.mui
[2009/07/13 18:43:18 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=6934C2A4C47AF9F13639699A09EE2D82 -- C:\Windows\pl-PL\explorer.exe.mui
[2009/07/13 18:43:18 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=6934C2A4C47AF9F13639699A09EE2D82 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_05112921431fca20\explorer.exe.mui
[2009/07/13 18:43:32 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6FDFAFAAD57AD782AA22E5B68B2A01B7 -- C:\Windows\pt-BR\explorer.exe.mui
[2009/07/13 18:43:32 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6FDFAFAAD57AD782AA22E5B68B2A01B7 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_076513c541a95e04\explorer.exe.mui
[2009/07/13 18:48:22 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=9FCCBA67F24566B16CD8163FD9256B50 -- C:\Windows\pt-PT\explorer.exe.mui
[2009/07/13 18:48:22 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=9FCCBA67F24566B16CD8163FD9256B50 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_0846e3314118cde0\explorer.exe.mui
[2010/11/21 02:38:27 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\en-US\explorer.exe.mui
[2010/11/21 02:38:27 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_05c8dd40d4f56065\explorer.exe.mui
[2009/07/13 18:42:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=C615E52F17720AE29F027EF1E6A31EBA -- C:\Windows\ro-RO\explorer.exe.mui
[2009/07/13 18:42:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=C615E52F17720AE29F027EF1E6A31EBA -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_4c81a969277f993c\explorer.exe.mui
[2009/07/13 18:48:08 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=C8A97DC216E7986AF093FB639118D404 -- C:\Windows\ru-RU\explorer.exe.mui
[2009/07/13 18:48:08 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=C8A97DC216E7986AF093FB639118D404 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_4ee9f4f525fa5c0c\explorer.exe.mui
[2009/07/13 18:45:02 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=D237C6B971800772656BD65BD6DCF096 -- C:\Windows\ar-SA\explorer.exe.mui
[2009/07/13 18:45:02 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=D237C6B971800772656BD65BD6DCF096 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_712939c10ff2d685\explorer.exe.mui
[2009/07/13 18:46:10 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=D51032E556CC1CE31308EAA666F23D07 -- C:\Windows\da-DK\explorer.exe.mui
[2009/07/13 18:46:10 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=D51032E556CC1CE31308EAA666F23D07 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_5fac720be4410006\explorer.exe.mui
< MD5 for: EXPLORER.EXE-A80E4F97.PF >
[2014/10/07 23:27:16 | 000,049,488 | ---- | M] () MD5=A3BCBC89228E9E1BEF7A23D2709A87AA -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
< MD5 for: EXPLORER.TGA >
[2003/04/19 01:57:40 | 000,016,115 | ---- | M] () MD5=7257E1D90C422A75F20E1FFEFB959889 -- C:\Program Files (x86)\Microsoft Games\Rise of Nations\art\explorer.tga
[2003/04/19 01:57:40 | 000,016,115 | ---- | M] () MD5=7257E1D90C422A75F20E1FFEFB959889 -- C:\Program Files\Microsoft Games\Rise of Nations\art\explorer.tga
< MD5 for: EXPLORER.ZIP >
[2009/06/04 05:15:06 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
[2009/06/03 19:15:06 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
< MD5 for: IEXPLORE.EXE >
[2014/03/08 03:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_1f1cb5860a5394ee\iexplore.exe
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2013/06/12 02:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/08/03 10:37:20 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_ba672fa865e3902d\iexplore.exe
[2013/05/29 05:32:47 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=33E62E4EFC2ACA8EC63A8926F26D3889 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20606_none_b1da3f12e114fd0b\iexplore.exe
[2013/08/10 06:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_ba6c1a5265df2881\iexplore.exe
[2014/03/02 00:02:17 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=3A3BEA53F039CE2E997A918E26E30B1D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_1ee4a3700a7df0ce\iexplore.exe
[2014/02/07 00:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_1ee303ae0a7f8ade\iexplore.exe
[2013/08/10 07:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_a394d1a47f8d8a3c\iexplore.exe
[2014/06/02 06:43:13 | 000,812,248 | ---- | M] (Microsoft Corporation) MD5=60F88F6CA6303E8273AF7AAA9AAFECAC -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_1f0f731e0a5dfe56\iexplore.exe
[2013/07/26 05:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_ba6aa26e65e05c0d\iexplore.exe
[2011/05/13 00:56:29 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_b135ff17c80c1949\iexplore.exe
[2013/10/12 09:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_a384a5267f9a8dfe\iexplore.exe
[2010/11/20 23:29:33 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_b5780d7c8309d95c\iexplore.exe
[2013/11/29 15:59:40 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\erdnt\cache\iexplore.exe
[2013/11/29 15:59:40 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_1eeed3e40a768844\iexplore.exe
[2014/06/20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=CD900EFB4F8946A2BB1950D9F45915C2 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17207_none_1f028bd60a68013a\iexplore.exe
[2014/08/01 01:16:35 | 000,812,224 | ---- | M] (Microsoft Corporation) MD5=CDF01A5C7927786A708EAEE91F14797B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_1f055f240a658081\iexplore.exe
[2013/09/23 01:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_ba5bba9265ec2c43\iexplore.exe
[2013/10/12 09:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_ba5c48f465ebc5bf\iexplore.exe
[2013/09/23 02:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_a38444547f9ac140\iexplore.exe
[2013/07/26 07:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_a39175a67f90a4bb\iexplore.exe
[2013/05/29 04:24:32 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=EE12BA876C4190532A4085994BA9B616 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16496_none_b0ef5115c8405b93\iexplore.exe
[2014/08/19 19:39:25 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=EEA63B8CF19E59C4A51AD2D9A59DDA25 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/08/19 19:39:25 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=EEA63B8CF19E59C4A51AD2D9A59DDA25 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17280_none_1f0b2d9e0a60188b\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2013/11/29 16:02:23 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=0932AA1AD993263E2E56F3B56CD3B9DD -- C:\Program Files\Internet Explorer\tr-TR\iexplore.exe.mui
[2013/11/29 16:02:23 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=0932AA1AD993263E2E56F3B56CD3B9DD -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_tr-tr_a6c4b5cb790dd11e\iexplore.exe.mui
[2013/11/29 16:14:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=09B21C551BD19C9A11026B198A064B31 -- C:\Program Files\Internet Explorer\th-TH\iexplore.exe.mui
[2013/11/29 16:14:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=09B21C551BD19C9A11026B198A064B31 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_th-th_a2c18d377b968c6e\iexplore.exe.mui
[2013/11/29 15:59:42 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/29 15:59:42 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_189b695b4223c92b\iexplore.exe.mui
[2009/07/13 17:41:20 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=0EF97FB20FD19F9FDB175948E68800C1 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_pl-pl_ae6ceed428e183fe\iexplore.exe.mui
[2009/07/13 17:33:10 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=12C68FA60C64C2A5256BB945D3D2EFB8 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_th-th_394ac6cff429dd86\iexplore.exe.mui
[2013/11/29 16:13:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2AEF0D19FCA781DE91ADCB75D48FE897 -- C:\Program Files\Internet Explorer\ru-RU\iexplore.exe.mui
[2013/11/29 16:13:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2AEF0D19FCA781DE91ADCB75D48FE897 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_ru-ru_61bc810f9328c4d2\iexplore.exe.mui
[2009/07/13 17:35:30 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=3C6ACA369FFF1767AB30D03A23976F94 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_bg-bg_c0c4e0fce634e1ba\iexplore.exe.mui
[2011/05/13 00:56:29 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_aae2948effb95a30\iexplore.exe.mui
[2009/07/13 17:49:40 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=4F5AB163F1D2026CF41EB1C44CD70F21 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_pt-br_b0c0d978276b17e2\iexplore.exe.mui
[2013/11/29 16:10:11 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=5EA584A09C5A9F7C1F122B8D758B8C1D -- C:\Program Files\Internet Explorer\da-DK\iexplore.exe.mui
[2013/11/29 16:10:11 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=5EA584A09C5A9F7C1F122B8D758B8C1D -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_da-dk_727efe26516f68cc\iexplore.exe.mui
[2009/07/13 17:49:02 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=6A3BEAC445371FE174ED49664E8DB86F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_tr-tr_3d4def63f1a12236\iexplore.exe.mui
[2009/07/13 17:37:04 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=6A4942DE97D5C7053B0174EC820F0F60 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_da-dk_090837beca02b9e4\iexplore.exe.mui
[2013/11/29 16:05:36 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=79A9B3211174D45EEC11ED5611EE965D -- C:\Program Files\Internet Explorer\pl-PL\iexplore.exe.mui
[2013/11/29 16:05:36 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=79A9B3211174D45EEC11ED5611EE965D -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_pl-pl_17e3b53bb04e32e6\iexplore.exe.mui
[2009/07/13 17:39:54 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=7E597787327BCC4F5EF5ACED68146DC6 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_pt-pt_b1a2a8e426da87be\iexplore.exe.mui
[2013/03/30 12:11:20 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/08/03 10:37:20 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_b41defe19d893548\iexplore.exe.mui
[2009/07/13 17:32:32 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=9237D5B1F00C05B7AD88D559A6F73377 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_ro-ro_f5dd6f1c0d41531a\iexplore.exe.mui
[2009/07/13 17:39:10 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=9A35E917E4B5C27A51B756BAF7D7F815 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_ru-ru_f845baa80bbc15ea\iexplore.exe.mui
[2013/11/29 16:03:54 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A477F8F74F549BBF798E2DB193EB0DBB -- C:\Program Files\Internet Explorer\pt-PT\iexplore.exe.mui
[2013/11/29 16:03:54 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A477F8F74F549BBF798E2DB193EB0DBB -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_pt-pt_1b196f4bae4736a6\iexplore.exe.mui
[2013/11/29 16:15:17 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A8A118655EAAC902111CC859B56A1B20 -- C:\Program Files\Internet Explorer\bg-BG\iexplore.exe.mui
[2013/11/29 16:15:17 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=A8A118655EAAC902111CC859B56A1B20 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_bg-bg_2a3ba7646da190a2\iexplore.exe.mui
[2013/11/29 16:11:51 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AA961A309B4A5E877E2EF217EE4097A1 -- C:\Program Files\Internet Explorer\ro-RO\iexplore.exe.mui
[2013/11/29 16:11:51 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AA961A309B4A5E877E2EF217EE4097A1 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_ro-ro_5f54358394ae0202\iexplore.exe.mui
[2013/11/29 16:08:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AC01ED6E0675DD94EB7A0CA60BECF933 -- C:\Program Files\Internet Explorer\pt-BR\iexplore.exe.mui
[2013/11/29 16:08:43 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=AC01ED6E0675DD94EB7A0CA60BECF933 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_pt-br_1a379fdfaed7c6ca\iexplore.exe.mui
[2009/07/13 17:35:22 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=E744B41E15F382EE38057D5559574DF8 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_ar-sa_1a84ff73f5b49063\iexplore.exe.mui
[2009/07/14 04:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_af24a2f3bab71a43\iexplore.exe.mui
[2014/05/03 17:18:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FDC8BC1FF3993673FD148FD1119FE78E -- C:\Program Files\Internet Explorer\ar-SA\iexplore.exe.mui
[2014/05/03 17:18:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FDC8BC1FF3993673FD148FD1119FE78E -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_ar-sa_83fbc5db7d213f4b\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-908C99F8.PF >
[2014/10/07 22:34:32 | 000,070,976 | ---- | M] () MD5=5323255CDFF1AFB1894BE15AF498E4BC -- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
< MD5 for: SERVICES >
[2013/06/05 19:48:34 | 002,557,368 | ---- | M] () MD5=0BD54F76704E0E4302947C6D531C6297 -- C:\Program Files (x86)\Wireshark\services
[2014/04/20 19:03:18 | 000,930,834 | ---- | M] () MD5=3F8D39D7F13AC4D479BED1C1D456E013 -- C:\Program Files\Wireshark\services
[2009/06/10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.EXE >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 02:38:26 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2010/11/21 02:38:26 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
[2009/07/13 18:47:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0F006BAEB5F7BF8128B634046B6AFC20 -- C:\Windows\System32\ru-RU\services.exe.mui
[2009/07/13 18:47:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0F006BAEB5F7BF8128B634046B6AFC20 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_b2f4b4eed84dbed9\services.exe.mui
[2009/07/13 18:41:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=13D87E1A0FCE47C4743C2DED1F569F52 -- C:\Windows\System32\ro-RO\services.exe.mui
[2009/07/13 18:41:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=13D87E1A0FCE47C4743C2DED1F569F52 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_b08c6962d9d2fc09\services.exe.mui
[2009/07/13 18:29:26 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=246EC174DA214349EF15DC8183BFE32D -- C:\Windows\System32\bg-BG\services.exe.mui
[2009/07/13 18:29:26 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=246EC174DA214349EF15DC8183BFE32D -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_7b73db43b2c68aa9\services.exe.mui
[2009/07/13 18:43:52 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=33F631CFD6AEBF0F4EA34E7AA7484CEF -- C:\Windows\System32\da-DK\services.exe.mui
[2009/07/13 18:43:52 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=33F631CFD6AEBF0F4EA34E7AA7484CEF -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_c3b73205969462d3\services.exe.mui
[2009/07/13 18:34:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6826E85A4586EFAC6121261AA68CAC3C -- C:\Windows\System32\th-TH\services.exe.mui
[2009/07/13 18:34:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6826E85A4586EFAC6121261AA68CAC3C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_th-th_f3f9c116c0bb8675\services.exe.mui
[2009/07/13 18:44:10 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=6D8E63A4DB8C1761AD4440C7D1818CF4 -- C:\Windows\System32\ar-SA\services.exe.mui
[2009/07/13 18:44:10 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=6D8E63A4DB8C1761AD4440C7D1818CF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_d533f9bac2463952\services.exe.mui
[2009/07/13 18:50:14 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=A23ED3C2245080D27C9ED860C2837B42 -- C:\Windows\System32\pl-PL\services.exe.mui
[2009/07/13 18:50:14 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=A23ED3C2245080D27C9ED860C2837B42 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_691be91af5732ced\services.exe.mui
[2009/07/13 18:47:30 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B8C084BB518768C7F4B8428A51686D55 -- C:\Windows\System32\pt-PT\services.exe.mui
[2009/07/13 18:47:30 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B8C084BB518768C7F4B8428A51686D55 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_6c51a32af36c30ad\services.exe.mui
[2009/07/13 18:42:32 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=C92BECF5C5A6E982E4005445183F604F -- C:\Windows\System32\tr-TR\services.exe.mui
[2009/07/13 18:42:32 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=C92BECF5C5A6E982E4005445183F604F -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_f7fce9aabe32cb25\services.exe.mui
[2009/07/13 18:42:32 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=DF8309CE62330C8D8AFBAA936531DA93 -- C:\Windows\System32\pt-BR\services.exe.mui
[2009/07/13 18:42:32 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=DF8309CE62330C8D8AFBAA936531DA93 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_6b6fd3bef3fcc0d1\services.exe.mui
< MD5 for: SERVICES.FRM >
[2012/09/21 17:12:26 | 000,008,820 | ---- | M] () MD5=DCEB8781CA633992CB031D74110A604E -- C:\Program Files (x86)\ManageEngine\OpManager\mysql\data\opmanagerdb\services.frm
< MD5 for: SERVICES.LNK >
[2009/07/14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.M >
[2008/11/10 21:53:30 | 000,024,015 | ---- | M] () MD5=31ECE8300894A8BBD2B512625FC85011 -- C:\Program Files\Wolfram Research\Mathematica\7.0\SystemFiles\Autoload\PacletManager\Kernel\Services.m
< MD5 for: SERVICES.MOF >
[2009/06/10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/13 18:36:10 | 000,092,790 | ---- | M] () MD5=20037594600FF469A209FA3465ECBA8A -- C:\Windows\System32\ru-RU\services.msc
[2009/07/13 18:36:10 | 000,092,790 | ---- | M] () MD5=20037594600FF469A209FA3465ECBA8A -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_ed3684daaeb758cc\services.msc
[2009/07/13 18:41:10 | 000,092,751 | ---- | M] () MD5=45061F4B05648B0549C709E431A9D33F -- C:\Windows\System32\da-DK\services.msc
[2009/07/13 18:41:10 | 000,092,751 | ---- | M] () MD5=45061F4B05648B0549C709E431A9D33F -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_fdf901f16cfdfcc6\services.msc
[2010/11/21 02:38:25 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2010/11/21 02:38:25 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009/07/13 18:40:10 | 000,092,781 | ---- | M] () MD5=8AE3EDA71772B6C307111DCC9336F8C8 -- C:\Windows\System32\ar-SA\services.msc
[2009/07/13 18:40:10 | 000,092,781 | ---- | M] () MD5=8AE3EDA71772B6C307111DCC9336F8C8 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_0f75c9a698afd345\services.msc
[2009/07/13 18:45:44 | 000,092,758 | ---- | M] () MD5=A513B67E9C7A17FEE1126FDD0677434E -- C:\Windows\System32\tr-TR\services.msc
[2009/07/13 18:45:44 | 000,092,758 | ---- | M] () MD5=A513B67E9C7A17FEE1126FDD0677434E -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_323eb996949c6518\services.msc
[2009/07/13 18:37:46 | 000,092,756 | ---- | M] () MD5=C32B37F3C50BF058FC4860267DB4CD56 -- C:\Windows\System32\pl-PL\services.msc
[2009/07/13 18:37:46 | 000,092,756 | ---- | M] () MD5=C32B37F3C50BF058FC4860267DB4CD56 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_a35db906cbdcc6e0\services.msc
[2009/07/13 18:44:26 | 000,092,750 | ---- | M] () MD5=D10CEC9EE745D47F175851A96897BA51 -- C:\Windows\System32\pt-PT\services.msc
[2009/07/13 18:44:26 | 000,092,750 | ---- | M] () MD5=D10CEC9EE745D47F175851A96897BA51 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_a6937316c9d5caa0\services.msc
[2009/07/13 18:46:26 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\System32\pt-BR\services.msc
[2009/07/13 18:46:26 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_a5b1a3aaca665ac4\services.msc
< MD5 for: SERVICES.PNG >
[2012/07/04 14:15:54 | 000,001,772 | ---- | M] () MD5=A2543F2B616F782FFB08BD76F89EE544 -- C:\Program Files (x86)\ManageEngine\OpManager\webclient\devices\images\Services.png
< MD5 for: SERVICES.PTXML >
[2009/07/13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SERVICES.TICO >
[2009/09/25 14:00:00 | 000,002,038 | ---- | M] () MD5=D669B1B2EBE288A61680C3C863828D28 -- C:\Program Files\AVG\AVG PC TuneUp\data\services.tico
< MD5 for: SERVICES.XML >
[2012/07/04 14:15:56 | 000,000,588 | ---- | M] () MD5=560829A05258CE86EE5517B5AE30CFEC -- C:\Program Files (x86)\ManageEngine\OpManager\conf\services.xml
< MD5 for: WINLOGON.ADML >
[2009/07/13 18:39:58 | 000,013,486 | ---- | M] () MD5=0C0FE7ABF455EC3BCBE3EE70EE01E948 -- C:\Windows\PolicyDefinitions\ru-RU\WinLogon.adml
[2009/07/13 18:39:58 | 000,013,486 | ---- | M] () MD5=0C0FE7ABF455EC3BCBE3EE70EE01E948 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_ddfb7f5f8f3a8ae1\WinLogon.adml
[2009/07/13 18:43:58 | 000,012,218 | ---- | M] () MD5=110C3B16C987CCCE651A623DF8943DEE -- C:\Windows\PolicyDefinitions\ar-SA\WinLogon.adml
[2009/07/13 18:43:58 | 000,012,218 | ---- | M] () MD5=110C3B16C987CCCE651A623DF8943DEE -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_003ac42b7933055a\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,285 | ---- | M] () MD5=24253B0728C6EFB515839DBF8E74DF3F -- C:\Windows\PolicyDefinitions\pl-PL\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,285 | ---- | M] () MD5=24253B0728C6EFB515839DBF8E74DF3F -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_9422b38bac5ff8f5\WinLogon.adml
[2009/07/13 18:40:52 | 000,009,721 | ---- | M] () MD5=392A832C05008717B119B1A156C836B8 -- C:\Windows\PolicyDefinitions\pt-PT\WinLogon.adml
[2009/07/13 18:40:52 | 000,009,721 | ---- | M] () MD5=392A832C05008717B119B1A156C836B8 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_97586d9baa58fcb5\WinLogon.adml
[2009/07/13 18:44:54 | 000,008,821 | ---- | M] () MD5=39FE1BDAD812A44C3003778EC1DDB269 -- C:\Windows\PolicyDefinitions\da-DK\WinLogon.adml
[2009/07/13 18:44:54 | 000,008,821 | ---- | M] () MD5=39FE1BDAD812A44C3003778EC1DDB269 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_eebdfc764d812edb\WinLogon.adml
[2009/07/13 18:50:40 | 000,008,891 | ---- | M] () MD5=498099F2EFD6B1499575582C58B87D34 -- C:\Windows\PolicyDefinitions\pt-BR\WinLogon.adml
[2009/07/13 18:50:40 | 000,008,891 | ---- | M] () MD5=498099F2EFD6B1499575582C58B87D34 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_96769e2faae98cd9\WinLogon.adml
[2010/11/21 02:38:36 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2010/11/21 02:38:36 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_94da67ab3e358f3a\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,229 | ---- | M] () MD5=ED7BD76407AA339F2A4D2532884D0255 -- C:\Windows\PolicyDefinitions\tr-TR\WinLogon.adml
[2009/07/13 18:49:50 | 000,009,229 | ---- | M] () MD5=ED7BD76407AA339F2A4D2532884D0255 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_2303b41b751f972d\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009/06/10 23:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/10 23:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_7ae3b2e5da95d117\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010/11/20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010/11/20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014/03/04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014/03/04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014/03/04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2010/11/20 04:47:30 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=01C32D1482344A54336F63095AD0318B -- C:\Windows\System32\tr-TR\winlogon.exe.mui
[2010/11/20 04:47:30 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=01C32D1482344A54336F63095AD0318B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_tr-tr_5b2947e699429338\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=23EA2D4C545ED87E2F2063B558F0C6AB -- C:\Windows\System32\ro-RO\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=23EA2D4C545ED87E2F2063B558F0C6AB -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_ro-ro_13b8c79eb4e2c41c\winlogon.exe.mui
[2010/11/20 04:33:58 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=457F07AB81E9245CB30605D8507A33CA -- C:\Windows\System32\da-DK\winlogon.exe.mui
[2010/11/20 04:33:58 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=457F07AB81E9245CB30605D8507A33CA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_da-dk_26e3904171a42ae6\winlogon.exe.mui
[2010/11/21 02:38:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\System32\en-US\winlogon.exe.mui
[2010/11/21 02:38:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_ccfffb7662588b45\winlogon.exe.mui
[2010/11/20 04:55:58 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=713FA5D57583A7F08628371497E92E64 -- C:\Windows\System32\pt-BR\winlogon.exe.mui
[2010/11/20 04:55:58 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=713FA5D57583A7F08628371497E92E64 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_pt-br_ce9c31facf0c88e4\winlogon.exe.mui
[2010/11/20 04:46:24 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7BD4B15378DA488B8CD51EED275447D4 -- C:\Windows\System32\ru-RU\winlogon.exe.mui
[2010/11/20 04:46:24 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7BD4B15378DA488B8CD51EED275447D4 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_ru-ru_1621132ab35d86ec\winlogon.exe.mui
[2010/11/20 04:46:32 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=B11892C84B25EAD09065E948C509A63E -- C:\Windows\System32\pt-PT\winlogon.exe.mui
[2010/11/20 04:46:32 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=B11892C84B25EAD09065E948C509A63E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_pt-pt_cf7e0166ce7bf8c0\winlogon.exe.mui
[2010/11/20 04:33:56 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=B32EA0DCF202619AA9670D2ED72F22FA -- C:\Windows\System32\bg-BG\winlogon.exe.mui
[2010/11/20 04:33:56 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=B32EA0DCF202619AA9670D2ED72F22FA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_bg-bg_dea0397f8dd652bc\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=BB7EE60E5D03373F049EF9716E96BC2E -- C:\Windows\System32\th-TH\winlogon.exe.mui
[2010/11/20 04:35:46 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=BB7EE60E5D03373F049EF9716E96BC2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_th-th_57261f529bcb4e88\winlogon.exe.mui
[2010/11/20 04:35:38 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=DD149ED9747AE77AF6220E0BC25AF64F -- C:\Windows\System32\ar-SA\winlogon.exe.mui
[2010/11/20 04:35:38 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=DD149ED9747AE77AF6220E0BC25AF64F -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_ar-sa_386057f69d560165\winlogon.exe.mui
[2010/11/20 04:40:38 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=FCDB1BB88BFFB01B8744825524F7F41D -- C:\Windows\System32\pl-PL\winlogon.exe.mui
[2010/11/20 04:40:38 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=FCDB1BB88BFFB01B8744825524F7F41D -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_pl-pl_cc484756d082f500\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2009/07/13 18:42:28 | 000,001,080 | ---- | M] () MD5=02345C56B022772AA29A6D249CBDDF62 -- C:\Windows\System32\wbem\pt-PT\winlogon.mfl
[2009/07/13 18:42:28 | 000,001,080 | ---- | M] () MD5=02345C56B022772AA29A6D249CBDDF62 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_2b0f3f69ecc5cebb\winlogon.mfl
[2010/11/21 02:38:26 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\System32\wbem\en-US\winlogon.mfl
[2010/11/21 02:38:26 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_2891397980a26140\winlogon.mfl
[2009/07/13 18:42:46 | 000,001,080 | ---- | M] () MD5=29D2D7CADA55AF5A1AC8B80FC9D75371 -- C:\Windows\System32\wbem\ro-RO\winlogon.mfl
[2009/07/13 18:42:46 | 000,001,080 | ---- | M] () MD5=29D2D7CADA55AF5A1AC8B80FC9D75371 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_6f4a05a1d32c9a17\winlogon.mfl
[2009/07/13 18:51:26 | 000,001,080 | ---- | M] () MD5=43DFDBFDFB7703B4E0E1533766E0C9C7 -- C:\Windows\System32\wbem\pl-PL\winlogon.mfl
[2009/07/13 18:51:26 | 000,001,080 | ---- | M] () MD5=43DFDBFDFB7703B4E0E1533766E0C9C7 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_27d98559eecccafb\winlogon.mfl
[2009/07/13 18:38:44 | 000,001,080 | ---- | M] () MD5=5EA7D2D62B1125D9E9D17AD55F86C1DD -- C:\Windows\System32\wbem\da-DK\winlogon.mfl
[2009/07/13 18:38:44 | 000,001,080 | ---- | M] () MD5=5EA7D2D62B1125D9E9D17AD55F86C1DD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_8274ce448fee00e1\winlogon.mfl
[2009/07/13 18:43:20 | 000,001,080 | ---- | M] () MD5=7692E2CEBFFA255EC64C28299416665F -- C:\Windows\System32\wbem\tr-TR\winlogon.mfl
[2009/07/13 18:43:20 | 000,001,080 | ---- | M] () MD5=7692E2CEBFFA255EC64C28299416665F -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_b6ba85e9b78c6933\winlogon.mfl
[2009/07/13 18:51:48 | 000,001,080 | ---- | M] () MD5=A728BE28643DDDCDA8D9A0477A28CB0E -- C:\Windows\System32\wbem\pt-BR\winlogon.mfl
[2009/07/13 18:51:48 | 000,001,080 | ---- | M] () MD5=A728BE28643DDDCDA8D9A0477A28CB0E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_2a2d6ffded565edf\winlogon.mfl
[2009/07/13 18:41:22 | 000,001,080 | ---- | M] () MD5=AC3DB6214BE53F6D948067FDFAEA8467 -- C:\Windows\System32\wbem\ru-RU\winlogon.mfl
[2009/07/13 18:41:22 | 000,001,080 | ---- | M] () MD5=AC3DB6214BE53F6D948067FDFAEA8467 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_71b2512dd1a75ce7\winlogon.mfl
[2009/07/13 18:35:34 | 000,001,080 | ---- | M] () MD5=B992736896EF493AA07E4A9F1E11BE51 -- C:\Windows\System32\wbem\th-TH\winlogon.mfl
[2009/07/13 18:35:34 | 000,001,080 | ---- | M] () MD5=B992736896EF493AA07E4A9F1E11BE51 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_th-th_b2b75d55ba152483\winlogon.mfl
[2009/07/13 18:37:50 | 000,001,080 | ---- | M] () MD5=D3EFBC11EEB056EA49C066DD5ABCF0F2 -- C:\Windows\System32\wbem\ar-SA\winlogon.mfl
[2009/07/13 18:37:50 | 000,001,080 | ---- | M] () MD5=D3EFBC11EEB056EA49C066DD5ABCF0F2 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_93f195f9bb9fd760\winlogon.mfl
[2009/07/13 18:32:36 | 000,001,080 | ---- | M] () MD5=EBFDF32FB385DB23B47F99B5D1841759 -- C:\Windows\System32\wbem\bg-BG\winlogon.mfl
[2009/07/13 18:32:36 | 000,001,080 | ---- | M] () MD5=EBFDF32FB385DB23B47F99B5D1841759 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_3a317782ac2028b7\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009/07/13 22:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\System32\wbem\winlogon.mof
[2009/07/13 22:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_800f1ff3d73b72d9\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2014/01/21 22:21:58 | 000,054,606 | ---- | M] () -- C:\ComboFix.txt
[2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2014/09/14 03:44:25 | 000,000,748 | ---- | M] () -- C:\console.log
[2014/10/06 02:45:38 | 000,000,009 | ---- | M] () -- C:\END
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 18:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 18:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 18:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2012/10/08 01:26:43 | 000,000,876 | ---- | M] () -- C:\Exe.reg
[2014/09/16 18:03:43 | 000,004,238 | ---- | M] () -- C:\GingerSetup.log
[2014/09/16 18:03:43 | 000,029,326 | ---- | M] () -- C:\GingerSetupHelper.log
[2007/11/07 18:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2014/01/14 13:29:56 | 000,001,054 | ---- | M] () -- C:\GSview 4.6.LNK
[2014/10/07 09:18:47 | 2370,592,768 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 18:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 18:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 18:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 18:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 18:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 18:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 18:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 18:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 18:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 18:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2014/10/08 01:49:47 | 402,935,807 | -HS- | M] () -- C:\pagefile.sys
[2013/05/19 22:12:52 | 000,312,273 | ---- | M] () -- C:\Section 1.rar
[2012/11/30 18:19:27 | 000,000,360 | ---- | M] () -- C:\SetSearchAndHomepageInBrowserLog.txt
[2013/08/03 23:20:15 | 339,909,456 | ---- | M] (Hewlett Packard Company ) -- C:\sp55947.exe
[2013/08/04 21:57:41 | 090,242,800 | ---- | M] (Hewlett Packard ) -- C:\sp56282.exe
[2012/10/22 03:58:25 | 000,001,392 | ---- | M] () -- C:\user.js
[2007/11/07 18:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 18:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 18:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
< %systemroot%\Fonts\*.com >
[2009/07/14 06:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 06:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 06:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 06:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 23:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2010/11/20 23:29:21 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 62CB-5226
Directory of C:\
07/14/2009 06:53 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Program Files (x86)\Evernote
05/05/2011 03:06 AM <SYMLINKD> Evernote3.5 [C:\Program Files (x86)\Evernote\Evernote]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 06:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 06:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 06:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 06:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 06:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 06:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 06:53 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 06:53 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\123321
01/14/2014 10:32 AM <JUNCTION> Application Data [C:\Users\123321\AppData\Roaming]
01/14/2014 10:32 AM <JUNCTION> Cookies [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Cookies]
01/14/2014 10:32 AM <JUNCTION> Local Settings [C:\Users\123321\AppData\Local]
01/14/2014 10:32 AM <JUNCTION> My Documents [C:\Users\123321\Documents]
01/14/2014 10:32 AM <JUNCTION> NetHood [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/14/2014 10:32 AM <JUNCTION> PrintHood [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/14/2014 10:32 AM <JUNCTION> Recent [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Recent]
01/14/2014 10:32 AM <JUNCTION> SendTo [C:\Users\123321\AppData\Roaming\Microsoft\Windows\SendTo]
01/14/2014 10:32 AM <JUNCTION> Start Menu [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Start Menu]
01/14/2014 10:32 AM <JUNCTION> Templates [C:\Users\123321\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\123321\AppData\Local
01/14/2014 10:32 AM <JUNCTION> Application Data [C:\Users\123321\AppData\Local]
01/14/2014 10:32 AM <JUNCTION> History [C:\Users\123321\AppData\Local\Microsoft\Windows\History]
01/14/2014 10:32 AM <JUNCTION> Temporary Internet Files [C:\Users\123321\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\123321\Documents
01/14/2014 10:32 AM <JUNCTION> My Music [C:\Users\123321\Music]
01/14/2014 10:32 AM <JUNCTION> My Pictures [C:\Users\123321\Pictures]
01/14/2014 10:32 AM <JUNCTION> My Videos [C:\Users\123321\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 06:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 06:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 06:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 06:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 06:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 06:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 06:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 06:53 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 06:53 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 06:53 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 06:53 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 06:53 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 06:53 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 06:53 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 06:53 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 06:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 06:53 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 06:53 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 06:53 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 06:53 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 06:53 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\MAGMAM
08/02/2013 01:25 PM <JUNCTION> Application Data [C:\Users\MAGMAM\AppData\Roaming]
08/02/2013 01:25 PM <JUNCTION> Cookies [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Cookies]
08/02/2013 01:25 PM <JUNCTION> Local Settings [C:\Users\MAGMAM\AppData\Local]
08/02/2013 01:25 PM <JUNCTION> My Documents [C:\Users\MAGMAM\Documents]
08/02/2013 01:25 PM <JUNCTION> NetHood [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/02/2013 01:25 PM <JUNCTION> PrintHood [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/02/2013 01:25 PM <JUNCTION> Recent [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Recent]
08/02/2013 01:25 PM <JUNCTION> SendTo [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\SendTo]
08/02/2013 01:25 PM <JUNCTION> Start Menu [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Start Menu]
08/02/2013 01:25 PM <JUNCTION> Templates [C:\Users\MAGMAM\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\MAGMAM\AppData\Local
08/02/2013 01:25 PM <JUNCTION> Application Data [C:\Users\MAGMAM\AppData\Local]
08/02/2013 01:25 PM <JUNCTION> History [C:\Users\MAGMAM\AppData\Local\Microsoft\Windows\History]
08/02/2013 01:25 PM <JUNCTION> Temporary Internet Files [C:\Users\MAGMAM\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32\arduino-1.0.5\hardware\tools\avr\bin
02/20/2014 12:35 AM <SYMLINK> avr-c++ [avr-g++]
02/20/2014 12:35 AM <SYMLINK> avr-gcc-4.3.2 [avr-gcc]
2 File(s) 0 bytes
Directory of C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32\arduino-1.0.5\hardware\tools\avr\lib
02/20/2014 12:35 AM <SYMLINK> libgmp.so.3 [libgmp.so.3.4.4]
02/20/2014 12:35 AM <SYMLINK> libmpfr.so.1 [libmpfr.so.1.2.0]
2 File(s) 0 bytes
Directory of C:\Users\MAGMAM\Desktop\arduino-1.0.5-linux32\arduino-1.0.5\hardware\tools\avr\lib\avr\bin
02/20/2014 12:35 AM <SYMLINK> ar [..\..\..\bin\avr-ar]
02/20/2014 12:35 AM <SYMLINK> as [..\..\..\bin\avr-as]
02/20/2014 12:35 AM <SYMLINK> ld [..\..\..\bin\avr-ld]
02/20/2014 12:35 AM <SYMLINK> nm [..\..\..\bin\avr-nm]
02/20/2014 12:35 AM <SYMLINK> objcopy [..\..\..\bin\avr-objcopy]
02/20/2014 12:35 AM <SYMLINK> objdump [..\..\..\bin\avr-objdump]
02/20/2014 12:35 AM <SYMLINK> ranlib [..\..\..\bin\avr-ranlib]
02/20/2014 12:35 AM <SYMLINK> strip [..\..\..\bin\avr-strip]
8 File(s) 0 bytes
Directory of C:\Users\MAGMAM\Documents
08/02/2013 01:25 PM <JUNCTION> My Music [C:\Users\MAGMAM\Music]
08/02/2013 01:25 PM <JUNCTION> My Pictures [C:\Users\MAGMAM\Pictures]
08/02/2013 01:25 PM <JUNCTION> My Videos [C:\Users\MAGMAM\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 06:53 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 06:53 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 06:53 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
12 File(s) 0 bytes
66 Dir(s) 14,232,317,952 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/08/02 13:27:39 | 000,000,221 | -HS- | M] () -- C:\Users\MAGMAM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2014/04/28 08:26:49 | 004,485,816 | ---- | M] (AVG Technologies) -- C:\Users\MAGMAM\Desktop\avg_avct_stb_all_2014_4569.exe
[2014/04/28 09:23:59 | 070,658,472 | ---- | M] (AVG) -- C:\Users\MAGMAM\Desktop\avg_tuh_stf_all_2014_380_24c28.exe
[2014/01/21 21:41:33 | 005,172,786 | R--- | M] (Swearware) -- C:\Users\MAGMAM\Desktop\ComboFix.exe
[2014/10/06 04:15:20 | 000,355,328 | ---- | M] () -- C:\Users\MAGMAM\Desktop\FIFA15Downloader__7934_il2533458.exe
[2014/10/06 02:10:17 | 008,052,240 | ---- | M] () -- C:\Users\MAGMAM\Desktop\HSS-3.42-install-hss.exe
[2014/01/22 07:18:10 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\MAGMAM\Desktop\JRT.exe
[2014/01/19 11:30:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MAGMAM\Desktop\OTL.exe
[2014/09/14 01:42:20 | 001,758,592 | ---- | M] (AVM Software Inc.) -- C:\Users\MAGMAM\Desktop\pal_install_ar_r109860_a3000.exe
[2014/04/23 21:40:14 | 049,259,608 | ---- | M] (RealNetworks, Inc.) -- C:\Users\MAGMAM\Desktop\realplayercloud.exe
[2014/10/03 08:29:04 | 001,006,592 | ---- | M] (AutomaticSolution Software ) -- C:\Users\MAGMAM\Desktop\ReMouseMicro-Setup.exe
[2014/05/08 14:45:54 | 000,640,792 | ---- | M] () -- C:\Users\MAGMAM\Desktop\safari-browser.exe
[2014/02/17 23:10:43 | 005,855,856 | ---- | M] (TeamViewer GmbH) -- C:\Users\MAGMAM\Desktop\TeamViewer_Setup_ar.exe
[2014/01/27 08:12:53 | 001,307,736 | ---- | M] (BitTorrent Inc.) -- C:\Users\MAGMAM\Desktop\utorrent.exe
[2014/07/23 18:29:23 | 000,441,856 | ---- | M] () -- C:\Users\MAGMAM\Desktop\war of nations gold generator.exe
[2014/02/17 15:43:59 | 026,562,872 | ---- | M] () -- C:\Users\MAGMAM\Desktop\WebcamMax-7.8.1.6.MultiLanguage.Setup.exe
[2014/07/03 06:28:01 | 009,304,408 | ---- | M] (Wargaming.net ) -- C:\Users\MAGMAM\Desktop\WoT_internet_install_eu.exe
[2 C:\Users\MAGMAM\Desktop\*.tmp files -> C:\Users\MAGMAM\Desktop\*.tmp -> ]
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
[2012/11/28 09:42:06 | 000,013,021 | ---- | M] () -- C:\Windows\snp2uvc.src
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2014-10-01 01:07:58
========== Files - Unicode (All) ==========
[2014/07/25 02:22:38 | 020,064,795 | ---- | M] ()(C:\Users\MAGMAM\Documents\Alex D?az.mp4) -- C:\Users\MAGMAM\Documents\Alex Díaz.mp4
[2014/07/23 03:48:43 | 020,064,795 | ---- | C] ()(C:\Users\MAGMAM\Documents\Alex D?az.mp4) -- C:\Users\MAGMAM\Documents\Alex Díaz.mp4
[2014/07/21 14:35:23 | 001,747,888 | ---- | M] ()(C:\Users\MAGMAM\Documents\SA Ward?ga - Korean Samara.mp4) -- C:\Users\MAGMAM\Documents\SA Wardęga - Korean Samara.mp4
[2014/07/21 14:34:02 | 001,747,888 | ---- | C] ()(C:\Users\MAGMAM\Documents\SA Ward?ga - Korean Samara.mp4) -- C:\Users\MAGMAM\Documents\SA Wardęga - Korean Samara.mp4
[2014/07/04 02:51:33 | 003,477,070 | ---- | M] ()(C:\Users\MAGMAM\Documents\??????? TVPool Buffet _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\ทีวีพูล TVPool Buffet _ Facebook.mp4
[2014/07/04 02:48:08 | 003,477,070 | ---- | C] ()(C:\Users\MAGMAM\Documents\??????? TVPool Buffet _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\ทีวีพูล TVPool Buffet _ Facebook.mp4
[2014/06/20 00:34:11 | 004,082,194 | ---- | M] ()(C:\Users\MAGMAM\Documents\???Sonr?e!! Que tengas un buen d?a. - Amigos de los Animales Chihuahua _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\¡¡¡Sonríe!! Que tengas un buen día. - Amigos de los Animales Chihuahua _ Facebook.mp4
[2014/06/20 00:33:35 | 004,082,194 | ---- | C] ()(C:\Users\MAGMAM\Documents\???Sonr?e!! Que tengas un buen d?a. - Amigos de los Animales Chihuahua _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\¡¡¡Sonríe!! Que tengas un buen día. - Amigos de los Animales Chihuahua _ Facebook.mp4
[2014/06/19 02:44:08 | 027,822,915 | ---- | M] ()(C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ♥ _ Facebook.mp4
[2014/06/19 02:39:44 | 027,822,915 | ---- | C] ()(C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Jamich - SOBRANG KILIG!!!! PANOODIN NIYO!! _)) ♥ _ Facebook.mp4
[2014/06/17 03:49:10 | 026,224,572 | ---- | M] ()(C:\Users\MAGMAM\Documents\Bedirhan G?kçe - Alk??? Hak Edenler _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Bedirhan Gökçe - Alkışı Hak Edenler _ Facebook.mp4
[2014/06/17 03:45:24 | 026,224,572 | ---- | C] ()(C:\Users\MAGMAM\Documents\Bedirhan G?kçe - Alk??? Hak Edenler _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Bedirhan Gökçe - Alkışı Hak Edenler _ Facebook.mp4
[2014/06/16 17:16:22 | 018,978,704 | ---- | M] ()(C:\Users\MAGMAM\Documents\En iyi uykudan uyand?rma y?ntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\En iyi uykudan uyandırma yöntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4
[2014/06/16 17:13:22 | 018,978,704 | ---- | C] ()(C:\Users\MAGMAM\Documents\En iyi uykudan uyand?rma y?ntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\En iyi uykudan uyandırma yöntemleri _)))) - Abi çok iyi yaa. _ Facebook.mp4
[2014/06/15 23:57:24 | 004,159,448 | ---- | M] ()(C:\Users\MAGMAM\Documents\Climatologia Geogr?fica _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Climatologia Geográfica _ Facebook.mp4
[2014/06/15 23:56:40 | 004,159,448 | ---- | C] ()(C:\Users\MAGMAM\Documents\Climatologia Geogr?fica _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\Climatologia Geográfica _ Facebook.mp4
[2014/06/13 21:39:26 | 009,422,854 | ---- | M] ()(C:\Users\MAGMAM\Documents\D.A.A.S - El v?deo mas enternecedor del MUNDO!! _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\D.A.A.S - El vídeo mas enternecedor del MUNDO!! _ Facebook.mp4
[2014/06/13 21:34:34 | 009,422,854 | ---- | C] ()(C:\Users\MAGMAM\Documents\D.A.A.S - El v?deo mas enternecedor del MUNDO!! _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\D.A.A.S - El vídeo mas enternecedor del MUNDO!! _ Facebook.mp4
[2014/06/11 09:37:30 | 014,251,930 | ---- | M] ()(C:\Users\MAGMAM\Documents\??????????? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\真愛談戀愛。真愛橋到底 _ Facebook.mp4
[2014/06/11 09:37:21 | 014,251,930 | ---- | C] ()(C:\Users\MAGMAM\Documents\??????????? _ Facebook.mp4) -- C:\Users\MAGMAM\Documents\真愛談戀愛。真愛橋到底 _ Facebook.mp4
========== Alternate Data Streams ==========
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:07F6D9E4
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:6FE816BE
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:CB9FA647
< End of report >
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:10:19 am, on 08/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Hotspot Shield\bin\hsscp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Ginger\GingerServices\GingerServices.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\MAGMAM\Desktop\HiJackThis.exe
C:\Windows\System32\osk.exe
c:\program files\real\realplayer\RealPlay.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 www.mefeedia.com
O2 - BHO: Ginger Grammar & Spell Checker - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll (file missing)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: FoxPro - {598AC71E-BE58-3981-B78A-5C138F423AD6} - C:\Users\MAGMAM\AppData\Roaming\VolIE\FoxPro_32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\wcmmon.exe" -a
O4 - HKCU\..\Run: [uTorrent] "C:\Users\MAGMAM\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6116CBA5655B8B1266EAB4041CDFAAA1] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\System32\osk.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [osk.exe] osk.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\MAGMAM\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: Ginger.lnk = ?
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - (no file)
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files\netcut\services\AIPS.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 - Service: GingerUpdateService - Ginger Software - C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: webcamXP Service (wxpSvc) - Moonware Studios - C:\Program Files\webcamXP5\wService.exe
--
End of file - 13550 bytes
Edited by ComputerEngineer, 07 October 2014 - 09:14 PM.