cjoint

Document format: text/plain

Preview

OTL logfile created on: 24/12/2016 12:38:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eu\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

15,95 Gb Total Physical Memory | 12,18 Gb Available Physical Memory | 76,36% Memory free
18,32 Gb Paging File | 13,87 Gb Available in Paging File | 75,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,01 Gb Total Space | 3,24 Gb Free Space | 2,92% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 16,62 Gb Free Space | 3,75% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 7,25 Gb Free Space | 0,78% Space Free | Partition Type: NTFS
Drive F: | 487,94 Gb Total Space | 12,98 Gb Free Space | 2,66% Space Free | Partition Type: NTFS
Drive G: | 890,32 Gb Total Space | 106,55 Gb Free Space | 11,97% Space Free | Partition Type: NTFS
Drive I: | 34,62 Gb Total Space | 0,78 Gb Free Space | 2,24% Space Free | Partition Type: NTFS

Computer Name: COMP | User Name: Eu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/12/24 12:36:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eu\Downloads\OTL.exe
PRC - [2016/12/19 23:25:40 | 002,186,528 | ---- | M] (Valve Corporation) -- G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
PRC - [2016/12/19 23:25:40 | 001,467,168 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2016/12/19 23:25:38 | 002,876,704 | ---- | M] (Valve Corporation) -- G:\Program Files (x86)\Steam\Steam.exe
PRC - [2016/12/14 21:26:47 | 001,517,280 | ---- | M] (Microsoft Corporation) -- C:\Users\Eu\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/12/08 04:29:38 | 000,935,768 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/12/07 18:41:09 | 002,180,624 | ---- | M] (Electronic Arts) -- G:\Program Files (x86)\Origin\OriginWebHelperService.exe
PRC - [2016/10/20 10:35:48 | 000,036,496 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Wondershare\Dr.Fone para Android\BackupRemind.exe
PRC - [2016/09/09 03:01:12 | 011,412,144 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
PRC - [2016/08/25 09:21:21 | 007,534,864 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2016/06/20 14:49:06 | 002,131,344 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2016/02/15 11:19:52 | 000,359,424 | ---- | M] (GEARMAGE, LLC) -- C:\Program Files (x86)\GearMage\Mail Attachment Downloader v3.1\MailAttachmentDownloader.exe
PRC - [2016/01/08 05:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) -- C:\Arquivos de Programas\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2013/05/03 02:19:14 | 002,248,704 | ---- | M] () -- C:\Program Files (x86)\CMS\CMS.exe
PRC - [2011/06/23 07:19:53 | 001,275,192 | ---- | M] (Jetico, Inc.) -- C:\Program Files (x86)\Jetico\BestCrypt\BCWipeTM.exe
PRC - [2011/03/28 08:26:14 | 000,095,544 | ---- | M] (Jetico, Inc.) -- C:\Program Files (x86)\Jetico\BestCrypt\BCWipeSvc.exe
PRC - [2011/02/17 02:24:44 | 000,200,704 | ---- | M] (Jetico, Inc.) -- C:\PROGRA~2\Jetico\BESTCR~1\BCResident.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/12/19 23:25:44 | 002,322,720 | ---- | M] () -- G:\Program Files (x86)\Steam\video.dll
MOD - [2016/12/19 23:25:40 | 000,838,944 | ---- | M] () -- G:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2016/12/19 23:25:38 | 000,388,384 | ---- | M] () -- G:\Program Files (x86)\Steam\Steam.dll
MOD - [2016/12/14 21:26:47 | 001,244,376 | ---- | M] () -- C:\Users\Eu\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
MOD - [2016/12/08 12:13:58 | 000,656,160 | ---- | M] () -- G:\Program Files (x86)\Steam\SDL2.dll
MOD - [2016/12/08 04:29:44 | 001,829,208 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
MOD - [2016/12/08 04:29:43 | 000,085,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
MOD - [2016/12/05 13:21:16 | 067,304,736 | ---- | M] () -- G:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
MOD - [2016/10/26 01:04:44 | 000,258,064 | ---- | M] () -- C:\Windows\SysWOW64\GameManager32.dll
MOD - [2016/09/09 03:22:34 | 004,730,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SLocales.dll
MOD - [2016/09/09 03:19:48 | 000,853,680 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SCommon.dll
MOD - [2016/09/09 03:17:08 | 002,661,040 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\NativeSideSyncFramework.dll
MOD - [2016/09/09 03:01:12 | 011,412,144 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
MOD - [2016/08/31 22:02:12 | 004,969,248 | ---- | M] () -- G:\Program Files (x86)\Steam\v8.dll
MOD - [2016/08/31 22:02:06 | 001,563,936 | ---- | M] () -- G:\Program Files (x86)\Steam\icui18n.dll
MOD - [2016/08/31 22:02:06 | 001,195,296 | ---- | M] () -- G:\Program Files (x86)\Steam\icuuc.dll
MOD - [2016/07/04 19:17:58 | 000,266,560 | ---- | M] () -- G:\Program Files (x86)\Steam\openvr_api.dll
MOD - [2016/06/20 14:48:20 | 001,506,304 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
MOD - [2016/05/04 06:15:40 | 001,289,216 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\cairo.dll
MOD - [2016/05/04 06:15:40 | 000,230,529 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\libpng14-14.dll
MOD - [2016/05/04 06:15:40 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\zlib1.dll
MOD - [2016/05/04 06:15:40 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\Samsung\SideSync4\ThoughtWorks.QRCode.dll
MOD - [2016/01/27 04:49:46 | 002,549,760 | ---- | M] () -- G:\Program Files (x86)\Steam\libavcodec-56.dll
MOD - [2016/01/27 04:49:46 | 000,491,008 | ---- | M] () -- G:\Program Files (x86)\Steam\libavformat-56.dll
MOD - [2016/01/27 04:49:46 | 000,485,888 | ---- | M] () -- G:\Program Files (x86)\Steam\libswscale-3.dll
MOD - [2016/01/27 04:49:46 | 000,442,880 | ---- | M] () -- G:\Program Files (x86)\Steam\libavutil-54.dll
MOD - [2016/01/27 04:49:46 | 000,332,800 | ---- | M] () -- G:\Program Files (x86)\Steam\libavresample-2.dll
MOD - [2015/09/24 20:52:04 | 000,119,208 | ---- | M] () -- G:\Program Files (x86)\Steam\winh264.dll
MOD - [2014/05/19 17:19:02 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
MOD - [2013/05/03 02:19:14 | 002,248,704 | ---- | M] () -- C:\Program Files (x86)\CMS\CMS.exe
MOD - [2013/05/03 02:15:01 | 001,355,776 | ---- | M] () -- C:\Program Files (x86)\CMS\ConfigModule.dll
MOD - [2013/05/03 02:14:18 | 000,446,464 | ---- | M] () -- C:\Program Files (x86)\CMS\LocalRecord.dll
MOD - [2013/05/03 02:11:39 | 000,643,072 | ---- | M] () -- C:\Program Files (x86)\CMS\PlayBack.dll
MOD - [2013/05/02 04:47:50 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\CMS\NetSDK.dll
MOD - [2013/04/27 00:36:39 | 000,311,360 | ---- | M] () -- C:\Program Files (x86)\CMS\H264Play.dll
MOD - [2013/04/27 00:36:39 | 000,027,136 | ---- | M] () -- C:\Program Files (x86)\CMS\DllDeinterlace.dll
MOD - [2013/03/14 23:12:11 | 000,643,072 | ---- | M] () -- C:\PROGRA~2\CMS\MapCtrl.ocx
MOD - [2013/01/08 07:34:06 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\CMS\HookOperate.dll
MOD - [2012/12/16 22:47:21 | 000,626,753 | ---- | M] () -- C:\Program Files (x86)\CMS\HH5PlayerSDK.dll
MOD - [2012/12/16 22:47:21 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\CMS\HHNetClient.dll
MOD - [2012/12/16 22:47:21 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\CMS\HHReadWriterSDK.dll
MOD - [2012/12/10 05:01:57 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\CMS\Password.dll
MOD - [2012/03/16 23:32:47 | 000,055,808 | ---- | M] () -- C:\PROGRA~2\Player\WNDMAN~1.OCX
MOD - [2011/08/03 22:28:18 | 000,864,347 | ---- | M] () -- C:\Program Files (x86)\CMS\HCNetSDK.dll
MOD - [2011/08/03 22:28:16 | 001,101,917 | ---- | M] () -- C:\Program Files (x86)\CMS\PlayCtrl.dll
MOD - [2011/08/03 22:28:16 | 000,151,607 | ---- | M] () -- C:\Program Files (x86)\CMS\hpr.dll
MOD - [2011/01/31 04:19:17 | 000,070,968 | ---- | M] () -- C:\PROGRA~2\Jetico\BESTCR~1\dismount.dll
MOD - [2010/12/28 05:15:24 | 000,466,944 | ---- | M] () -- C:\Program Files (x86)\CMS\dhplay.dll
MOD - [2010/12/28 02:45:30 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\CMS\dhnetsdk.dll
MOD - [2010/12/28 02:41:12 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\CMS\dhdvr.dll
MOD - [2010/12/22 06:04:26 | 000,339,968 | ---- | M] () -- c:\program files (x86)\cms\dllh264.dll
MOD - [2010/07/20 00:18:20 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\CMS\AmrDll.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/12/09 07:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2016/12/09 06:24:21 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2016/11/11 06:22:23 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/11/11 06:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2016/11/11 06:20:10 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2016/11/11 06:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2016/11/11 06:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2016/11/11 06:16:35 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2016/11/11 06:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2016/11/11 06:11:57 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/11/11 06:06:19 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2016/11/11 06:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2016/11/11 06:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2016/11/11 06:04:03 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2016/11/02 07:30:35 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2016/11/02 07:19:44 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2016/11/02 07:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/11/02 07:16:27 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2016/11/01 23:05:26 | 000,373,744 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2016/10/26 01:04:40 | 000,305,168 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2016/10/15 00:42:44 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2016/10/15 00:37:03 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/10/05 06:18:56 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2016/09/15 14:29:55 | 000,823,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient)
SRV:[b]64bit:[/b] - [2016/09/15 13:40:41 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2016/09/15 13:38:15 | 000,203,776 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2016/09/15 13:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2016/09/15 13:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:45 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2016/09/15 13:35:03 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/09/15 13:23:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/09/07 01:59:55 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/09/07 01:55:30 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/09/07 01:40:44 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2016/08/20 02:17:48 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2016/08/06 00:36:20 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2016/08/06 00:34:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2016/07/16 20:15:50 | 001,227,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService)
SRV:[b]64bit:[/b] - [2016/07/16 20:15:42 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2016/07/16 08:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2016/07/16 08:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2016/07/16 08:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_58782)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_58782)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_58782)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_58782)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_58782)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_58782)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_58782)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2016/07/16 08:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV - [2016/12/19 23:25:40 | 001,467,168 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2016/12/16 21:12:53 | 000,198,088 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/12/09 05:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/12/07 18:41:09 | 002,180,624 | ---- | M] (Electronic Arts) [Auto | Running] -- G:\Program Files (x86)\Origin\OriginWebHelperService.exe -- (Origin Web Helper Service)
SRV - [2016/12/07 18:41:09 | 002,119,688 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- G:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2016/11/24 13:02:26 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Windows\KMS-R@1n.exe -- (KMS-R@1n)
SRV - [2016/11/11 04:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/11/11 04:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016/11/01 23:05:26 | 000,301,552 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2016/10/20 10:36:00 | 000,115,856 | ---- | M] (Wondershare) [On_Demand | Stopped] -- C:\Program Files (x86)\Wondershare\Dr.Fone para Android\DriverInstall.exe -- (WsDrvInst)
SRV - [2016/10/10 09:51:48 | 000,437,392 | ---- | M] (Wondershare) [Auto | Running] -- C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe -- (WsAppService)
SRV - [2016/09/16 15:38:00 | 000,155,016 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe -- (AdaptiveSleepService)
SRV - [2016/08/25 09:21:21 | 007,534,864 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2016/08/06 00:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016/07/16 08:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/03/29 00:03:50 | 000,137,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2016/03/22 22:22:16 | 000,056,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Arquivos de Programas (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe -- (VSStandardCollectorService140)
SRV - [2016/02/27 19:26:48 | 000,131,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2016/01/08 05:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Arquivos de Programas\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2014/08/05 22:04:22 | 001,441,792 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Everything\Everything.exe -- (Everything)
SRV - [2014/04/30 16:33:52 | 000,337,776 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Arquivos de Programas\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV - [2013/07/18 16:39:40 | 000,762,192 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/28 08:26:14 | 000,095,544 | ---- | M] (Jetico, Inc.) [Auto | Running] -- C:\Program Files (x86)\Jetico\BestCrypt\BCWipeSvc.exe -- (BCWipeSvc)
SRV - [2008/07/10 09:31:06 | 057,820,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER)
SRV - [2008/07/10 09:31:00 | 000,430,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE -- (SQLSERVERAGENT)
SRV - [2008/07/10 09:31:00 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2008/07/10 04:40:50 | 000,214,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe -- (MsDtsServer100)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/12/09 07:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2016/11/27 19:20:31 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2016/11/11 07:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2016/11/11 06:26:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2016/11/02 07:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2016/11/01 23:05:26 | 007,966,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2016/10/26 01:04:48 | 026,568,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2016/10/26 01:04:40 | 000,536,592 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2016/10/15 01:37:01 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2016/10/15 01:30:16 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2016/10/15 00:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2016/10/05 07:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2016/10/05 07:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2016/09/15 14:29:54 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2016/09/15 14:29:52 | 000,127,328 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm)
DRV:[b]64bit:[/b] - [2016/09/15 14:29:03 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2016/09/15 14:15:56 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2016/09/15 14:14:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2016/09/15 13:36:57 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2016/09/10 10:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/09/07 02:29:32 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2016/09/05 05:47:12 | 000,165,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2016/09/05 05:47:06 | 000,131,712 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2016/08/20 03:06:57 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2016/08/20 02:20:50 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2016/08/06 01:16:50 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2016/07/16 20:16:02 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2016/07/16 20:15:55 | 000,179,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt)
DRV:[b]64bit:[/b] - [2016/07/16 20:15:50 | 000,040,288 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV:[b]64bit:[/b] - [2016/07/16 20:15:42 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2016/07/16 20:15:39 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2016/07/16 20:15:37 | 000,157,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV:[b]64bit:[/b] - [2016/07/16 20:15:37 | 000,141,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs)
DRV:[b]64bit:[/b] - [2016/07/16 08:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2016/07/16 08:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2016/07/16 08:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2016/07/16 08:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2016/07/16 08:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2016/07/16 08:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2016/05/12 05:32:26 | 000,481,768 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2016/04/10 17:57:49 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV:[b]64bit:[/b] - [2016/04/10 17:57:45 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2016/03/28 01:37:10 | 003,495,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\glavcam.sys -- (glavcam)
DRV:[b]64bit:[/b] - [2015/10/07 15:55:08 | 002,241,848 | ---- | M] (MediaTek Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:[b]64bit:[/b] - [2015/07/21 20:42:04 | 000,102,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2015/06/17 17:04:24 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2015/06/03 10:35:36 | 000,031,992 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:[b]64bit:[/b] - [2015/02/17 13:40:24 | 000,073,856 | ---- | M] (Identiv) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:[b]64bit:[/b] - [2014/05/08 18:52:14 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetbus64.sys -- (AndnetBus)
DRV:[b]64bit:[/b] - [2014/03/28 15:25:16 | 000,028,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetgps64.sys -- (AndNetGps)
DRV:[b]64bit:[/b] - [2014/03/28 15:25:14 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag264.sys -- (AndNetDiag2)
DRV:[b]64bit:[/b] - [2014/01/22 08:52:10 | 000,036,608 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudcdf.sys -- (ssudcdf)
DRV:[b]64bit:[/b] - [2014/01/12 06:05:46 | 000,086,016 | ---- | M] (Nuvoton Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvserial.sys -- (Serial)
DRV:[b]64bit:[/b] - [2014/01/12 06:05:46 | 000,023,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvserenum.sys -- (Serenum)
DRV:[b]64bit:[/b] - [2013/10/11 14:03:00 | 000,083,224 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2013/07/30 04:54:39 | 000,080,064 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bcbus.sys -- (bcbus)
DRV:[b]64bit:[/b] - [2013/06/04 11:37:50 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2013/06/04 11:37:50 | 000,029,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:[b]64bit:[/b] - [2013/04/30 05:25:00 | 000,677,360 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/04/24 10:15:28 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:[b]64bit:[/b] - [2013/04/24 10:15:28 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64gps.sys -- (UsbGps)
DRV:[b]64bit:[/b] - [2013/04/24 10:15:26 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:[b]64bit:[/b] - [2013/01/23 11:57:32 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/01/23 11:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2012/05/02 15:39:34 | 000,345,720 | ---- | M] (GetData Pty Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MIPFSv5.sys -- (MIPFSv5)
DRV:[b]64bit:[/b] - [2012/04/27 11:56:46 | 000,065,144 | ---- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPDISKv564.sys -- (MIPDISKv564)
DRV:[b]64bit:[/b] - [2012/03/20 08:59:42 | 000,197,752 | ---- | M] (GetData Pty Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MIPDISKPNPv5.sys -- (MIPDISKPNPv5)
DRV:[b]64bit:[/b] - [2012/03/02 09:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:[b]64bit:[/b] - [2012/03/02 09:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:[b]64bit:[/b] - [2012/03/02 09:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:[b]64bit:[/b] - [2011/05/13 07:02:51 | 000,058,432 | ---- | M] (Jetico, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\fsh.sys -- (fsh)
DRV:[b]64bit:[/b] - [2011/01/24 10:38:21 | 000,187,456 | ---- | M] (Jetico, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\bcfnt.sys -- (bcfnt)
DRV:[b]64bit:[/b] - [2010/07/17 01:02:40 | 000,013,376 | ---- | M] (Jetico, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\moh.sys -- (moh)
DRV:[b]64bit:[/b] - [2010/07/17 01:02:18 | 000,017,472 | ---- | M] (Jetico, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mhk.sys -- (mhk)
DRV:[b]64bit:[/b] - [2010/05/18 01:05:47 | 000,033,856 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_des.sys -- (BC_DES)
DRV:[b]64bit:[/b] - [2010/05/18 01:01:40 | 000,034,368 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_3des.sys -- (BC_3DES)
DRV:[b]64bit:[/b] - [2010/03/12 18:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:[b]64bit:[/b] - [2010/03/05 20:41:05 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:[b]64bit:[/b] - [2009/12/22 10:56:50 | 000,034,368 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_tfish.sys -- (BC_TFISH)
DRV:[b]64bit:[/b] - [2009/12/22 10:56:42 | 000,036,928 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_serp.sys -- (BC_SERP)
DRV:[b]64bit:[/b] - [2009/12/22 10:56:33 | 000,051,264 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_rijn.sys -- (BC_RIJN)
DRV:[b]64bit:[/b] - [2009/12/22 10:56:24 | 000,030,272 | ---- | M] (Michael Oestergaard Pedersen) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_rc6.sys -- (BC_RC6)
DRV:[b]64bit:[/b] - [2009/12/22 10:56:16 | 000,027,712 | ---- | M] (Iarsn) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_idea.sys -- (BC_IDEA)
DRV:[b]64bit:[/b] - [2009/12/22 10:56:08 | 000,025,664 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_gost.sys -- (BC_Gost)
DRV:[b]64bit:[/b] - [2009/12/22 10:55:44 | 000,037,440 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_cast.sys -- (BC_CAST)
DRV:[b]64bit:[/b] - [2009/12/22 10:55:36 | 000,030,272 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_bfish.sys -- (BC_BFish)
DRV:[b]64bit:[/b] - [2009/12/22 10:55:27 | 000,030,784 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_bf448.sys -- (BC_BF448)
DRV:[b]64bit:[/b] - [2009/12/22 10:55:19 | 000,030,784 | ---- | M] (Jetico, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\bc_bf128.sys -- (BC_BF128)
DRV:[b]64bit:[/b] - [2008/07/10 05:25:42 | 000,314,904 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2016/12/24 12:18:54 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | On_Demand | Running] -- C:\Users\Eu\AppData\Local\Temp\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2016/10/26 01:04:48 | 026,568,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmdag.sys -- (amdkmdag)
DRV - [2016/10/26 01:04:40 | 000,536,592 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\c0307259.inf_amd64_e75a0a5e82450920\atikmpag.sys -- (amdkmdap)
DRV - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes]
IE - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR,pt;q=0.5
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 C4 5B 4F A6 5B D2 01 [binary data]
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 58 79 A4 06 03 B5 D1 01 [binary data]
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 33 00 00 00 1E AE 0E 38 01 F8 E0 38 B2 F2 C0 27 44 08 AA E5 21 EA 1A C1 92 3B 89 C3 AF D7 71 B2 39 D3 26 9D C8 86 23 94 FE D2 5D E5 3E 32 C6 8C EE E0 14 53 7B 06 0B 02 00 00 00 0E 00 00 00 53 4C 75 6D 32 35 34 77 38 57 4D 25 33 64 [binary data]
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "BR"
FF - prefs.js..browser.search.region: "BR"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016/05/24 09:39:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\NativeMessagingHosts\com.scytl.icpbravoaccess\\: C:\Users\Eu\AppData\Local\Scytl\ICPBravoAccess.Extension\com.scytl.icpbravoaccess.firefox.json [2016/09/23 19:04:58 | 000,000,259 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

[2016/10/31 19:23:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\Extensions
[2016/12/20 21:28:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\Firefox\Profiles\qmfm2inz.default\extensions
[2016/10/31 19:34:23 | 000,023,373 | ---- | M] () (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\firefox\profiles\qmfm2inz.default\extensions\firefox-hotfix@mozilla.org.xpi
[2016/11/02 13:26:41 | 000,025,218 | ---- | M] () (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\firefox\profiles\qmfm2inz.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2016/11/02 13:26:28 | 000,734,889 | ---- | M] () (No name found) -- C:\Users\Eu\AppData\Roaming\mozilla\firefox\profiles\qmfm2inz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.2_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\
CHR - Extension: No name found = C:\Users\Eu\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmndhfiofdlcgahoinehedbincopilm\0.9_0\

O1 HOSTS File: ([2016/05/20 09:17:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft Web Test Recorder 14.0 Helper) - {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} - D:\Arquivos de Programas (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [StartCN] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BCWipeTM Startup] C:\Program Files (x86)\Jetico\BestCrypt\BCWipeTM.exe (Jetico, Inc.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [EADM] G:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [OneDrive] C:\Users\Eu\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe (SHARMAQ)
O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [SideSync] C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ()
O4 - HKU\S-1-5-21-1643533169-2663266846-4077307362-1001..\Run: [Steam] g:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O8:[b]64bit:[/b] - Extra context menu item: Ligar para este número pelo SideSync - C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll (Samsung Electronics Co., Ltd.)
O8 - Extra context menu item: Ligar para este número pelo SideSync - C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll (Samsung Electronics Co., Ltd.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1aeed6ac-2130-4620-93fd-0e797acd98f4}: DhcpNameServer = 4.2.2.2 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{459fd37a-8b4a-442e-b24f-562072b80727}: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:[b]64bit:[/b] - HKLM IFEO\OSppSvc.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe ()
O27:[b]64bit:[/b] - HKLM IFEO\SppExtComObj.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe ()
O27 - HKLM IFEO\OSppSvc.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe ()
O27 - HKLM IFEO\SppExtComObj.exe: Debugger - C:\WINDOWS\KMS-R@1nhook.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/07/22 12:45:32 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2014/07/22 12:46:28 | 000,000,000 | RHSD | M] - I:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/12/24 11:38:34 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2016/12/23 17:18:54 | 000,042,168 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\SysNative\drivers\PROCEXP152.SYS
[2016/12/21 12:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\wsr
[2016/12/21 12:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS MobiSaver for Android
[2016/12/21 12:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2016/12/21 11:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHOficina
[2016/12/21 11:11:39 | 001,553,408 | ---- | C] (Osen Kusnadi) -- C:\WINDOWS\SysWow64\osenxpsuite2010.ocx
[2016/12/21 11:11:39 | 000,363,656 | ---- | C] (AdminSystem Software Limited) -- C:\WINDOWS\SysWow64\AOSMTP.dll
[2016/12/21 11:11:39 | 000,335,360 | ---- | C] (Osen Kusnadi) -- C:\WINDOWS\SysWow64\osenxpsuite2010.dll
[2016/12/21 11:11:39 | 000,062,600 | ---- | C] (NeoText Software) -- C:\WINDOWS\SysWow64\ftpclient.dll
[2016/12/21 11:11:39 | 000,042,120 | ---- | C] (SHARMAQ) -- C:\WINDOWS\SysWow64\shbarras.dll
[2016/12/21 11:11:38 | 000,103,560 | ---- | C] (WinResources Computing, Inc.) -- C:\WINDOWS\SysWow64\vertmenu.ocx
[2016/12/21 09:40:30 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realterm
[2016/12/21 09:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2016/12/20 21:09:20 | 000,000,000 | ---D | C] -- C:\Downloads
[2016/12/18 15:19:08 | 000,000,000 | ---D | C] -- C:\Users\Eu\dwhelper
[2016/12/18 14:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2016/12/18 14:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt
[2016/12/17 12:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2016/12/17 12:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2016/12/16 22:06:29 | 000,000,000 | ---D | C] -- C:\ESD
[2016/12/14 20:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Measurement
[2016/12/14 20:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Measurement
[2016/12/13 23:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2016/12/13 22:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2016/12/13 22:08:30 | 000,000,000 | -HSD | C] -- C:\Users\Eu\IntelGraphicsProfiles
[2016/12/13 22:08:29 | 000,000,000 | ---D | C] -- C:\Intel
[2016/12/13 22:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2016/12/13 21:30:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2016/12/12 18:28:17 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Chromium
[2016/12/02 20:24:37 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\4kdownload.com
[2016/12/02 20:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
[2016/12/02 20:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4KDownload
[2016/12/02 09:22:43 | 000,000,000 | ---D | C] -- C:\temp
[2016/12/02 09:22:41 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Scytl
[2016/11/30 18:16:53 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Deployment
[2016/11/28 20:20:31 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\uTorrent
[2016/11/28 19:14:44 | 000,064,352 | ---- | C] (Avago Technologies) -- C:\WINDOWS\SysNative\drivers\MegaSas2i.sys
[2016/11/28 19:14:16 | 000,204,288 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\DscCoreConfProv.dll
[2016/11/28 19:14:16 | 000,141,824 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysWow64\DscCoreConfProv.dll
[2016/11/27 19:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2016/11/27 19:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2016/11/27 19:42:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\Music
[2016/11/27 19:41:41 | 000,000,000 | -HSD | C] -- C:\Recovery
[2016/11/27 19:41:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2016/11/27 19:25:05 | 000,000,000 | --SD | C] -- C:\Users\Eu\AppData\Roaming\Microsoft
[2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/11/27 19:25:05 | 000,000,000 | R--D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\AppData\Local\Temporary Internet Files
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\SendTo
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Recent
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Modelos
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Documents\Minhas Músicas
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Documents\Minhas Imagens
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Documents\Meus Vídeos
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Meus Documentos
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Menu Iniciar
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\AppData\Local\Histórico
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Dados de Aplicativos
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\AppData\Local\Dados de Aplicativos
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Cookies
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Configurações Locais
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Ambiente de Rede
[2016/11/27 19:25:05 | 000,000,000 | -HSD | C] -- C:\Users\Eu\Ambiente de Impressão
[2016/11/27 19:25:05 | 000,000,000 | -H-D | C] -- C:\Users\Eu\AppData
[2016/11/27 19:25:05 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Temp
[2016/11/27 19:25:05 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Local\Microsoft
[2016/11/27 19:25:05 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/11/27 19:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
[2016/11/27 19:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2016/11/27 19:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2016/11/27 19:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016/11/27 19:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2016/11/27 19:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2016/11/27 19:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2016/11/27 19:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2016/11/27 19:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2016/11/27 19:23:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2016/11/27 19:23:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2016/11/27 19:21:42 | 000,376,320 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\DXCpl.exe
[2016/11/27 19:21:42 | 000,355,840 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysWow64\DXCpl.exe
[2016/11/27 19:21:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2016/11/27 19:21:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2016/11/27 19:20:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2016/11/27 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2016/11/27 11:01:27 | 000,000,000 | -H-D | C] -- C:\$GetCurrent
[2016/11/25 20:57:23 | 000,000,000 | ---D | C] -- C:\Users\Eu\Documents\CPY_SAVES
[2016/11/25 20:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inside
[2016/11/25 18:44:28 | 000,000,000 | ---D | C] -- C:\Users\Eu\AppData\Roaming\SmartSteamEmu
[2016/11/25 18:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCOLAST
[2016/11/25 10:04:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rene.E Laboratory
[2015/12/22 12:14:10 | 000,057,344 | ---- | C] (DBA Engenharia de Sistemas) -- C:\Users\Eu\signver1.dll
[6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[5 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[11 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/12/24 12:18:04 | 002,786,940 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/12/24 12:18:04 | 001,132,660 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/12/24 12:18:04 | 000,791,782 | ---- | M] () -- C:\WINDOWS\SysNative\prfh0416.dat
[2016/12/24 12:18:04 | 000,442,874 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/12/24 12:18:04 | 000,367,458 | ---- | M] () -- C:\WINDOWS\SysNative\prfc0416.dat
[2016/12/24 12:13:59 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/12/24 12:12:08 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016/12/24 12:11:52 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2016/12/24 12:11:46 | 2553,757,695 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/23 18:58:38 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2016/12/23 17:18:54 | 000,042,168 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\SysNative\drivers\PROCEXP152.SYS
[2016/12/21 13:38:14 | 000,001,398 | ---- | M] () -- C:\Users\Eu\Desktop\ShowMyPC.lnk
[2016/12/21 12:48:11 | 000,001,448 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS MobiSaver for Android.lnk
[2016/12/21 12:34:27 | 000,002,273 | ---- | M] () -- C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk
[2016/12/21 12:34:27 | 000,001,362 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk
[2016/12/21 11:21:24 | 000,001,174 | ---- | M] () -- C:\Users\Eu\Desktop\Realterm.lnk
[2016/12/21 11:11:40 | 000,000,786 | ---- | M] () -- C:\Users\Eu\Desktop\SHOficina5.lnk
[2016/12/21 11:11:40 | 000,000,769 | ---- | M] () -- C:\Users\Eu\Desktop\SHVendas.lnk
[2016/12/21 09:39:13 | 000,001,213 | ---- | M] () -- C:\Users\Public\Desktop\SideSync.lnk
[2016/12/18 14:33:10 | 000,439,859 | ---- | M] () -- C:\Users\Eu\Desktop\Contr. Suel 10-2016.pdf
[2016/12/18 14:32:33 | 000,130,324 | ---- | M] () -- C:\Users\Eu\Desktop\Contr. Suel 11-2016.pdf
[2016/12/18 14:01:13 | 000,001,337 | ---- | M] () -- C:\Users\Eu\Desktop\4K Video Downloader.lnk
[2016/12/18 14:01:13 | 000,001,278 | ---- | M] () -- C:\Users\Eu\Desktop\Uplay.lnk
[2016/12/18 14:01:13 | 000,001,137 | ---- | M] () -- C:\Users\Eu\Desktop\Conectividade Social.lnk
[2016/12/16 23:18:44 | 000,473,904 | ---- | M] () -- C:\Users\Eu\Documents\mateus-12-2016.pdf
[2016/12/16 21:57:44 | 000,012,006 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2016/12/16 21:57:44 | 000,010,138 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2016/12/16 21:28:06 | 000,000,719 | ---- | M] () -- C:\Users\Eu\Desktop\Assistente de Atualização do Windows 10.lnk
[2016/12/16 08:48:10 | 000,437,896 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/12/15 11:00:44 | 004,527,277 | ---- | M] () -- C:\Users\Eu\Documents\WP_20161215_10_50_51_Pro_LI.jpg
[2016/12/15 11:00:43 | 004,512,020 | ---- | M] () -- C:\Users\Eu\Documents\WP_20161215_10_57_35_Pro_LI.jpg
[2016/12/15 10:19:38 | 000,002,258 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/12/14 20:30:04 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Measurement.lnk
[2016/12/13 22:08:29 | 000,000,200 | ---- | M] () -- C:\WINDOWS\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[2016/12/13 22:08:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2016/12/10 13:14:18 | 002,381,426 | ---- | M] () -- C:\Users\Eu\Documents\Malwee 11-2016.zip
[2016/12/09 07:29:23 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/12/09 07:11:15 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/05 21:08:15 | 000,779,759 | ---- | M] () -- C:\Users\Eu\Documents\7 receitas paes sem gluten.pdf
[2016/12/04 11:28:32 | 002,955,776 | ---- | M] () -- C:\Users\Eu\Documents\Camera_01_20161204_110328.avi
[2016/12/02 14:09:34 | 000,983,417 | ---- | M] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 agua de cheiro.rar
[2016/12/02 14:06:34 | 015,158,598 | ---- | M] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 brasil cacau.rar
[2016/12/01 10:04:26 | 000,000,312 | ---- | M] () -- C:\Users\Eu\Documents\Limpar Cache DNS.bat
[2016/11/30 09:20:54 | 000,002,244 | -H-- | M] () -- C:\Users\Eu\Documents\Default.rdp
[2016/11/28 20:22:28 | 000,002,669 | ---- | M] () -- C:\Users\Eu\Desktop\µTorrent.lnk
[2016/11/28 20:16:06 | 000,015,425 | ---- | M] () -- C:\WINDOWS\SysNative\OEMDefaultAssociations.xml
[2016/11/27 19:40:53 | 000,023,056 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/11/27 19:24:55 | 001,405,922 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/11/27 19:23:55 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2016/11/27 19:23:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2016/11/27 19:23:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2016/11/27 18:42:31 | 000,000,036 | ---- | M] () -- C:\WINDOWS\progress.ini
[2016/11/25 20:12:59 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\Inside.lnk
[2016/11/25 18:37:33 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\OCOLAST.lnk
[2016/11/24 13:02:26 | 000,026,112 | ---- | M] () -- C:\WINDOWS\KMS-R@1n.exe
[2016/11/24 13:02:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\KMS-QADhook.dll
[2016/11/24 13:02:26 | 000,004,608 | ---- | M] () -- C:\WINDOWS\KMS-R@1nhook.exe
[6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[5 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[11 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/12/21 12:48:11 | 000,001,448 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS MobiSaver for Android.lnk
[2016/12/21 12:34:31 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SysWow64\dllhost.exe.config
[2016/12/21 12:34:27 | 000,002,273 | ---- | C] () -- C:\Users\Public\Desktop\Wondershare Dr.Fone para Android.lnk
[2016/12/21 12:34:27 | 000,001,362 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk
[2016/12/21 09:40:30 | 000,001,174 | ---- | C] () -- C:\Users\Eu\Desktop\Realterm.lnk
[2016/12/21 09:39:13 | 000,001,213 | ---- | C] () -- C:\Users\Public\Desktop\SideSync.lnk
[2016/12/18 14:33:08 | 000,439,859 | ---- | C] () -- C:\Users\Eu\Desktop\Contr. Suel 10-2016.pdf
[2016/12/18 14:32:32 | 000,130,324 | ---- | C] () -- C:\Users\Eu\Desktop\Contr. Suel 11-2016.pdf
[2016/12/16 23:18:43 | 000,473,904 | ---- | C] () -- C:\Users\Eu\Documents\mateus-12-2016.pdf
[2016/12/15 10:58:55 | 004,512,020 | ---- | C] () -- C:\Users\Eu\Documents\WP_20161215_10_57_35_Pro_LI.jpg
[2016/12/15 10:53:12 | 004,527,277 | ---- | C] () -- C:\Users\Eu\Documents\WP_20161215_10_50_51_Pro_LI.jpg
[2016/12/14 20:55:29 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/12/14 20:55:10 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/14 20:30:04 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Measurement.lnk
[2016/12/13 22:08:29 | 000,000,200 | ---- | C] () -- C:\WINDOWS\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[2016/12/13 22:08:29 | 000,000,180 | ---- | C] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016/12/13 22:08:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2016/12/10 13:14:17 | 002,381,426 | ---- | C] () -- C:\Users\Eu\Documents\Malwee 11-2016.zip
[2016/12/06 10:55:20 | 000,001,398 | ---- | C] () -- C:\Users\Eu\Desktop\ShowMyPC.lnk
[2016/12/05 21:08:14 | 000,779,759 | ---- | C] () -- C:\Users\Eu\Documents\7 receitas paes sem gluten.pdf
[2016/12/04 11:28:31 | 002,955,776 | ---- | C] () -- C:\Users\Eu\Documents\Camera_01_20161204_110328.avi
[2016/12/02 20:22:59 | 000,001,337 | ---- | C] () -- C:\Users\Eu\Desktop\4K Video Downloader.lnk
[2016/12/02 14:09:27 | 000,983,417 | ---- | C] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 agua de cheiro.rar
[2016/12/02 14:05:36 | 015,158,598 | ---- | C] () -- C:\Users\Eu\Documents\NFCeAutorizada 11-2016 brasil cacau.rar
[2016/12/01 10:04:26 | 000,000,312 | ---- | C] () -- C:\Users\Eu\Documents\Limpar Cache DNS.bat
[2016/11/28 20:22:28 | 000,002,669 | ---- | C] () -- C:\Users\Eu\Desktop\µTorrent.lnk
[2016/11/28 19:17:26 | 000,446,896 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2016/11/28 19:15:52 | 000,418,304 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2016/11/28 19:15:01 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016/11/27 19:41:07 | 000,012,006 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2016/11/27 19:41:07 | 000,010,138 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2016/11/27 19:39:38 | 2553,757,695 | -HS- | C] () -- C:\hiberfil.sys
[2016/11/27 19:39:06 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2016/11/27 19:24:56 | 002,786,940 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/11/27 19:24:55 | 001,405,922 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/11/27 19:24:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2016/11/27 19:24:08 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/11/27 19:23:55 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/11/27 19:23:52 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2016/11/27 19:23:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2016/11/27 19:23:24 | 000,437,896 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/11/27 19:23:19 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2016/11/27 19:22:57 | 000,000,727 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2016/11/27 19:22:57 | 000,000,727 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2016/11/27 18:41:19 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2016/11/27 11:01:15 | 000,000,731 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk
[2016/11/27 11:01:15 | 000,000,719 | ---- | C] () -- C:\Users\Eu\Desktop\Assistente de Atualização do Windows 10.lnk
[2016/11/25 20:12:59 | 000,000,836 | ---- | C] () -- C:\Users\Public\Desktop\Inside.lnk
[2016/11/25 18:37:33 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\OCOLAST.lnk
[2016/10/27 16:49:25 | 000,028,672 | ---- | C] () -- C:\WINDOWS\SysWow64\base64.dll
[2016/10/27 16:41:19 | 002,256,384 | ---- | C] () -- C:\WINDOWS\SysWow64\Prx.dll
[2016/10/27 16:41:19 | 000,371,200 | ---- | C] () -- C:\WINDOWS\SysWow64\Prox.dll
[2016/10/27 16:41:19 | 000,218,112 | ---- | C] () -- C:\WINDOWS\SysWow64\Hl_med32.dll
[2016/10/27 16:41:19 | 000,167,936 | ---- | C] () -- C:\WINDOWS\SysWow64\Hlsoft32.dll
[2016/10/27 16:41:19 | 000,051,712 | ---- | C] () -- C:\WINDOWS\SysWow64\Rsa_w32.dll
[2016/10/27 16:41:19 | 000,031,744 | ---- | C] () -- C:\WINDOWS\SysWow64\Hl_pub32.dll
[2016/10/27 16:41:19 | 000,000,148 | ---- | C] () -- C:\WINDOWS\SysWow64\tcpconf.dat
[2016/10/27 16:41:13 | 000,435,200 | ---- | C] () -- C:\WINDOWS\SysWow64\cnsHTTP.dll
[2016/10/27 16:41:13 | 000,333,312 | ---- | C] () -- C:\WINDOWS\SysWow64\simplezip.dll
[2016/10/27 16:41:13 | 000,130,560 | ---- | C] () -- C:\WINDOWS\SysWow64\ZipDll.dll
[2016/10/27 16:41:13 | 000,125,440 | ---- | C] () -- C:\WINDOWS\SysWow64\UnzDll.dll
[2016/10/26 01:04:46 | 000,251,416 | ---- | C] () -- C:\WINDOWS\SysWow64\hsa-thunk.dll
[2016/10/26 01:04:44 | 000,258,064 | ---- | C] () -- C:\WINDOWS\SysWow64\GameManager32.dll
[2016/10/26 01:04:38 | 000,226,328 | ---- | C] () -- C:\WINDOWS\SysWow64\atieah32.exe
[2016/10/26 01:04:24 | 000,239,120 | ---- | C] () -- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
[2016/10/18 20:07:51 | 000,026,112 | ---- | C] () -- C:\WINDOWS\KMS-R@1n.exe
[2016/10/18 20:07:51 | 000,007,168 | ---- | C] () -- C:\WINDOWS\KMS-QADhook.dll
[2016/10/18 20:07:51 | 000,004,608 | ---- | C] () -- C:\WINDOWS\KMS-R@1nhook.exe
[2016/09/16 14:57:24 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2016/09/16 14:57:24 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2016/07/16 08:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/07/16 08:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/07/16 08:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/07/16 08:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016/07/16 08:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 08:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/07/16 08:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016/07/16 08:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016/07/16 08:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/07/16 08:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/07/13 16:09:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2016/05/21 20:18:02 | 000,650,752 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2016/05/21 20:18:02 | 000,243,200 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2016/05/21 20:18:02 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2016/05/21 20:18:01 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2016/05/21 20:17:59 | 000,079,872 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2016/03/28 01:37:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\SysWow64\gluninstall.dll
[2015/11/24 20:56:05 | 000,000,600 | ---- | C] () -- C:\Users\Eu\PUTTY.RND

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/11/11 07:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 04:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 08:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 08:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 08:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2016/05/20 18:22:38 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\BSplayer
[2016/05/20 17:22:16 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\BSplayer Pro
[2016/06/29 13:19:47 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\DMCache
[2016/12/23 18:58:25 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Everything
[2016/10/07 20:47:25 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\HMYGSetting
[2016/07/15 12:41:13 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\IDM
[2016/05/21 19:23:49 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\MAD
[2016/11/20 12:01:57 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Notepad++
[2016/05/20 21:30:28 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\NuGet
[2016/11/21 18:31:31 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Origin
[2016/10/16 22:21:39 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Samsung
[2016/11/25 18:44:29 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\SmartSteamEmu
[2016/11/26 12:53:15 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\TeamViewer
[2016/05/28 18:45:01 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\TeraCopy
[2016/11/10 20:42:51 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\TightVNC
[2016/05/21 21:24:47 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Ubisoft
[2016/05/21 21:35:41 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\uplay
[2016/12/24 12:03:24 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\uTorrent
[2016/10/07 20:44:54 | 000,000,000 | ---D | M] -- C:\Users\Eu\AppData\Roaming\Wondershare

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %APPDATA%\* >[/color]

[color=#A23BEC]< %ProgramFiles%\* >[/color]
[2016/05/20 17:32:05 | 000,038,600 | ---- | M] () -- C:\Program Files (x86)\CMS Setup Log.txt
[2016/07/16 08:45:35 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2016/05/20 17:32:13 | 000,006,866 | ---- | M] () -- C:\Program Files (x86)\DeviceManage Setup Log.txt
[2016/05/20 17:33:05 | 000,010,875 | ---- | M] () -- C:\Program Files (x86)\Player Setup Log.txt

[color=#A23BEC]< %SystemDrive%\* >[/color]
[2015/12/07 21:16:00 | 000,000,040 | -H-- | M] () -- C:\16CF24FF6BF6
[2013/08/22 02:31:45 | 000,427,680 | RHS- | M] () -- C:\bootmgr
[2016/05/23 21:29:36 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2016/12/24 12:11:46 | 2553,757,695 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/24 12:11:51 | 2550,136,832 | -HS- | M] () -- C:\pagefile.sys
[2016/12/24 12:11:52 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[11 C:\*.tmp files -> C:\*.tmp -> ]

< End of report >
