cjoint

Document format: text/plain

OTL logfile created on: 07/04/2016 18:44:29 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Program Files\PortableApps\OTLPEPortable\App
64bit-Windows 10 Home (Version = 6.3.10586) - Type = System
Internet Explorer (Version = 9.11.10586.0)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files (x86)
Drive C: | 500,00 Mb Total Space | 158,36 Mb Free Space | 31,67% Space Free | Partition Type: NTFS
Drive D: | 146,49 Gb Total Space | 47,95 Gb Free Space | 32,73% Space Free | Partition Type: NTFS
Drive E: | 465,63 Gb Total Space | 348,01 Gb Free Space | 74,74% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 24,01 Gb Free Space | 49,18% Space Free | Partition Type: NTFS
Drive G: | 192,32 Gb Total Space | 48,00 Gb Free Space | 24,96% Space Free | Partition Type: NTFS
Drive H: | 118,75 Gb Total Space | 33,45 Gb Free Space | 28,17% Space Free | Partition Type: NTFS
Drive I: | 375,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive X: | 254,58 Mb Total Space | 252,15 Mb Free Space | 99,05% Space Free | Partition Type: NTFS

Computer Name: MININT-DRIM6HA | User Name: Système
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/02/24 10:34:50 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/02/24 10:28:35 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2016/02/24 09:43:01 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2016/02/24 08:19:10 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2016/02/24 08:07:53 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2016/02/24 07:40:53 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/02/24 07:18:37 | 001,490,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2016/02/24 07:00:56 | 001,098,752 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2016/02/24 06:57:04 | 002,158,592 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2016/02/23 10:20:41 | 001,139,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2016/02/23 10:17:08 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2016/02/23 09:37:50 | 000,204,288 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/02/23 09:29:35 | 000,591,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/02/23 09:28:32 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/02/23 09:20:36 | 000,606,720 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/02/23 09:19:14 | 000,948,736 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/02/23 09:11:33 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2016/02/23 08:58:02 | 000,163,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2016/01/16 06:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2016/01/05 02:49:33 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/01/05 02:43:47 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2015/12/07 05:15:40 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2015/12/07 05:04:20 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2015/11/22 10:43:32 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2015/11/13 07:00:34 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled] -- H:\Windows\System32\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2015/11/13 06:58:04 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:19:28 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2015/10/30 08:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2015/10/30 08:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2015/10/30 08:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,490,496 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:58 | 000,764,976 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled] -- H:\Windows\System32\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:54 | 000,360,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UserDataSvc_a134b)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UserDataSvc_4e5cb)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UserDataSvc_4c94e)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UserDataSvc_415e7)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UserDataSvc_40ee3)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UnistoreSvc_a134b)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UnistoreSvc_4e5cb)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UnistoreSvc_4c94e)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UnistoreSvc_415e7)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (UnistoreSvc_40ee3)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (PimIndexMaintenanceSvc_a134b)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (PimIndexMaintenanceSvc_4e5cb)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (PimIndexMaintenanceSvc_4c94e)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (PimIndexMaintenanceSvc_415e7)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (PimIndexMaintenanceSvc_40ee3)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\svchost.exe -- (OneSyncSvc_a134b)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\svchost.exe -- (OneSyncSvc_4e5cb)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\svchost.exe -- (OneSyncSvc_4c94e)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\svchost.exe -- (OneSyncSvc_415e7)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\svchost.exe -- (OneSyncSvc_40ee3)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (MessagingService_a134b)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (MessagingService_4e5cb)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (MessagingService_4c94e)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (MessagingService_415e7)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svchost.exe -- (MessagingService_40ee3)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\System32\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2015/08/27 18:20:10 | 000,330,136 | ---- | M] (Intel Corporation) [Auto] -- H:\Windows\System32\igfxCUIService.exe -- (igfxCUIService1.0.0.0) Intel(R)
SRV:[b]64bit:[/b] - [2015/07/06 11:06:20 | 000,073,200 | ---- | M] (SiSoftware) [On_Demand] -- H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2016/03/23 22:03:11 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- H:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/03/19 09:01:06 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand] -- H:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto] -- H:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto] -- H:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/02/24 07:07:45 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/01/29 16:11:22 | 000,327,296 | R--- | M] (Skype Technologies) [Auto] -- H:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/01/28 17:39:38 | 003,898,360 | ---- | M] (Acronis) [Auto] -- H:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2015/12/25 22:12:19 | 000,107,624 | ---- | M] (RaMMicHaeL) [Auto] -- H:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe -- (Unchecky)
SRV - [2015/12/14 16:43:10 | 006,889,232 | ---- | M] (TeamViewer GmbH) [Auto] -- H:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2015/12/08 13:55:28 | 002,129,176 | ---- | M] (LULU SOFTWARE LIMITED) [On_Demand] -- H:\Program Files (x86)\Soda PDF 7\ws.exe -- (Soda PDF 7)
SRV - [2015/12/08 13:55:10 | 000,650,520 | ---- | M] (LULU SOFTWARE LIMITED) [Auto] -- H:\Program Files (x86)\Soda PDF 7\creator-ws.exe -- (Soda PDF 7 Creator)
SRV - [2015/12/08 13:55:04 | 000,847,640 | ---- | M] (LULU SOFTWARE LIMITED) [On_Demand] -- H:\Program Files (x86)\Soda PDF 7\crash-handler-ws.exe -- (Soda PDF 7 CrashHandler)
SRV - [2015/10/30 08:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 08:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 08:18:29 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/10/30 08:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/10/30 08:18:21 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand] -- H:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/08/27 18:20:12 | 000,291,744 | ---- | M] (Intel Corporation) [On_Demand] -- H:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2015/07/13 12:44:30 | 000,093,040 | ---- | M] (TomTom) [Auto] -- H:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2015/02/05 04:52:20 | 000,248,736 | ---- | M] () [Auto] -- H:\Program Files (x86)\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2015/01/29 17:02:32 | 000,868,688 | ---- | M] (LULU Software Limited) [Auto] -- H:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe -- (SODA Manager)
SRV - [2014/12/20 12:00:00 | 000,820,960 | ---- | M] (Mister Group) [On_Demand] -- H:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe -- (SystemExplorerHelpService)
SRV - [2014/04/30 19:05:34 | 001,705,544 | ---- | M] (LaCie) [Auto] -- H:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe -- (LaCieDesktopManagerDaemon)
SRV - [2014/02/04 17:06:36 | 007,151,024 | ---- | M] (Acronis) [Auto] -- H:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013/07/18 11:52:08 | 001,143,368 | ---- | M] (Acronis) [Auto] -- H:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/04/07 17:24:06 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand] -- H:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2016/03/10 14:09:10 | 000,065,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- H:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand] -- H:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2016/03/04 17:29:00 | 000,205,784 | ---- | M] (Oracle Corporation) [Kernel | System] -- H:\Windows\system32\DRIVERS\VBoxNetLwf.sys -- (VBoxNetLwf)
DRV:[b]64bit:[/b] - [2016/03/04 17:29:00 | 000,127,456 | ---- | M] (Oracle Corporation) [Kernel | System] -- H:\Windows\system32\DRIVERS\VBoxNetAdp6.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2016/02/23 10:25:27 | 000,534,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\UsbHub3.sys -- (USBHUB3)
DRV:[b]64bit:[/b] - [2016/02/23 10:20:35 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2016/02/23 10:19:41 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2016/02/09 05:28:18 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2016/01/28 17:39:39 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand] -- H:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV:[b]64bit:[/b] - [2016/01/28 17:39:37 | 001,464,096 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV:[b]64bit:[/b] - [2016/01/28 17:39:37 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot] -- H:\Windows\System32\drivers\tib.sys -- (tib)
DRV:[b]64bit:[/b] - [2016/01/28 17:39:37 | 000,198,432 | ---- | M] (Acronis International GmbH) [Kernel | Boot] -- H:\Windows\System32\drivers\tib_mounter.sys -- (tib_mounter)
DRV:[b]64bit:[/b] - [2016/01/28 17:39:36 | 000,269,600 | ---- | M] (Acronis International GmbH) [Kernel | Boot] -- H:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV:[b]64bit:[/b] - [2016/01/28 17:39:36 | 000,116,000 | ---- | M] (Acronis International GmbH) [Kernel | Boot] -- H:\Windows\System32\drivers\fltsrv.sys -- (fltsrv)
DRV:[b]64bit:[/b] - [2016/01/16 06:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2015/11/22 11:33:26 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2015/11/22 10:54:39 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2015/10/30 20:02:59 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2015/10/30 20:02:53 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/10/30 08:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:09 | 000,003,009 | ---- | M] () [File_System | On_Demand] -- H:\Windows\System32\wbem\refsv1.mof -- (ReFSv1)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:09 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- H:\Windows\System32\wbem\ntfs.mof -- (NTFS)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System] -- H:\Windows\System32\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- H:\Windows\System32\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:03 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- H:\Windows\System32\drivers\ioqos.sys -- (IoQos)
DRV:[b]64bit:[/b] - [2015/10/30 08:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- H:\Windows\system32\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:52 | 000,254,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- H:\Windows\System32\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System] -- H:\Windows\System32\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- H:\Windows\System32\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:40 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- H:\Windows\System32\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- H:\Windows\System32\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- H:\Windows\System32\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,087,040 | ---- | M] (Microsoft Corporation) [File_System | System] -- H:\Windows\System32\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System] -- H:\Windows\System32\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand] -- H:\Windows\System32\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand] -- H:\Windows\System32\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ibbus.sys -- (ibbus) @mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot] -- H:\Windows\System32\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\uaspstor.sys -- (UASPStor) @uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand] -- H:\Windows\System32\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot] -- H:\Windows\System32\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand] -- H:\Windows\System32\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot] -- H:\Windows\System32\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System] -- H:\Windows\System32\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System] -- H:\Windows\System32\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\storufs.sys -- (storufs) @storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand] -- H:\Windows\System32\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot] -- H:\Windows\System32\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\iaStorAV.sys -- (iaStorAV) @iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot] -- H:\Windows\System32\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\UEFI.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\kdnic.sys -- (kdnic) @kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- H:\Windows\System32\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- H:\Windows\System32\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\WSDScan.sys -- (WSDScan)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) @iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) @ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\iai2c.sys -- (iai2c) @iai2c.inf,%iai2c.SVCDESC%;Intel(R)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- H:\Windows\System32\drivers\intelpep.sys -- (intelpep) @intelpep.inf,%INTELPEP.SVCDESC%;Intel(R)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) @ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\BthHFHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2015/10/30 08:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2015/10/12 12:05:14 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto] -- H:\Windows\System32\drivers\npf.sys -- (npf)
DRV:[b]64bit:[/b] - [2015/08/27 18:20:10 | 003,797,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2015/08/21 11:50:48 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\IntcDAud.sys -- (IntcDAud) @oem11.inf,%IntcDAud.SvcDesc%;Son Intel(R)
DRV:[b]64bit:[/b] - [2015/07/20 20:45:04 | 000,050,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- H:\Windows\system32\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2015/07/20 20:45:04 | 000,038,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2015/07/10 15:35:26 | 000,193,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\TeeDriverW8x64.sys -- (MEIx64) @oem5.inf,%TEE_SvcDesc%;Intel(R)
DRV:[b]64bit:[/b] - [2012/10/26 16:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\lvuvc64.sys -- (LVUVC64) @oem8.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC)
DRV:[b]64bit:[/b] - [2012/10/26 16:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2012/08/03 10:42:24 | 000,057,824 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- H:\Windows\System32\drivers\busenum.sys -- (busenum)
DRV:[b]64bit:[/b] - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand] -- H:\Windows\System32\drivers\revoflt.sys -- (Revoflt)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\jmpco_ON_H\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\jmpco_ON_H\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
IE - HKU\jmpco_ON_H\Software\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 1A 00 00 00 78 1A B9 B4 33 5B 1F 2C C1 06 A5 DE DA 47 CA B7 DB 6F 8B 62 E3 E9 CE E6 64 DA 02 00 00 00 0E 00 00 00 6B 78 6E 48 45 66 6D 72 30 62 49 25 33 64 [binary data]
IE - HKU\jmpco_ON_H\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_H\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\NetworkService_ON_H\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm



[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing,Amazon.fr,DuckDuckGo,eBay France,Portail Lexical - CNRTL"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.startup.homepage: "about:home"

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\System32\Macromed\Flash\NPSWF64_21_0_0_197.dll ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: H:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: H:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: H:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@canon.com/EPPEX: H:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: H:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: H:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: H:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0: H:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: H:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Soda PDF 7: H:\Program Files (x86)\Soda PDF 7\np-previewer.dll (LULU SOFTWARE LIMITED)
FF - HKCU\Software\MozillaPlugins\@sony.com/Some: H:\Program Files (x86)\Sony\Bloggie Software\npsome.dll (Sony)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\soda_pdf_7_conv@sodapdf.com: C:\Program Files (x86)\Soda PDF 7\resources\sodapdf7firefoxextension\ [2015/12/27 12:06:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/04/06 19:03:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 38.7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 38.7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2016/03/27 15:44:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/04/06 19:03:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2016/03/27 15:44:28 | 000,000,000 | ---D | M]

[2016/01/30 16:59:02 | 000,000,000 | ---D | M] (No name found) -- H:\Users\jmpco\AppData\Roaming\mozilla\Extensions
[2016/01/30 16:59:02 | 000,000,000 | ---D | M] (No name found) -- H:\Users\jmpco\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2016/03/27 12:50:55 | 000,000,000 | ---D | M] (No name found) -- H:\Users\jmpco\AppData\Roaming\mozilla\Firefox\Profiles\r5smatcf.default\extensions
[2016/03/27 12:50:55 | 000,000,000 | ---D | M] (FEBE) -- H:\Users\jmpco\AppData\Roaming\mozilla\Firefox\Profiles\r5smatcf.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2016/02/12 18:04:01 | 000,000,000 | ---D | M] ("Default Full Zoom Level") -- H:\Users\jmpco\AppData\Roaming\mozilla\Firefox\Profiles\r5smatcf.default\extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D}
[2015/12/25 22:55:00 | 000,000,000 | ---D | M] (No name found) -- H:\Users\jmpco\AppData\Roaming\mozilla\Firefox\Profiles\r5smatcf.default\jetpack\jetpack-extension@dashlane.com
[2015/12/25 23:00:00 | 000,000,000 | ---D | M] (No name found) -- H:\Users\jmpco\AppData\Roaming\mozilla\Firefox\Profiles\r5smatcf.default\jetpack\jetpack-extension@dashlane.com\simple-storage
[2016/03/19 09:01:07 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files (x86)\Mozilla Firefox\browser\extensions
File not found (No name found) --
() (No name found) -- H:\USERS\JMPCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R5SMATCF.DEFAULT\EXTENSIONS\FORECASTFOX@S3_FIX_VERSION.XPI
() (No name found) -- H:\USERS\JMPCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R5SMATCF.DEFAULT\EXTENSIONS\S3GOOGLE@TRANSLATOR.XPI
() (No name found) -- H:\USERS\JMPCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R5SMATCF.DEFAULT\EXTENSIONS\TILETABS@DW-DEV.XPI
() (No name found) -- H:\USERS\JMPCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R5SMATCF.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
[2014/05/21 11:23:56 | 000,034,072 | ---- | M] (Microsoft Corporation) -- H:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

O1 HOSTS File: ([2016/04/07 17:23:55 | 000,001,927 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
O1 - Hosts: 0.0.0.0 media.opencandy.com
O1 - Hosts: 0.0.0.0 cdn.opencandy.com
O1 - Hosts: 0.0.0.0 tracking.opencandy.com
O1 - Hosts: 0.0.0.0 api.opencandy.com
O1 - Hosts: 0.0.0.0 installer.betterinstaller.com
O1 - Hosts: 0.0.0.0 installer.filebulldog.com
O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
O1 - Hosts: 0.0.0.0 inno.bisrv.com
O1 - Hosts: 0.0.0.0 nsis.bisrv.com
O1 - Hosts: 0.0.0.0 cdn.file2desktop.com
O1 - Hosts: 0.0.0.0 cdn.goateastcach.us
O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us
O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com
O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com
O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com
O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us
O1 - Hosts: 0.0.0.0 cdn.montiera.com
O1 - Hosts: 0.0.0.0 cdn.msdwnld.com
O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com
O1 - Hosts: 0.0.0.0 cdn.ppdownload.com
O1 - Hosts: 0.0.0.0 cdn.riceateastcach.us
O1 - Hosts: 0.0.0.0 cdn.shyapotato.us
O1 - Hosts: 0.0.0.0 cdn.solimba.com
O1 - Hosts: 0.0.0.0 cdn.tuto4pc.com
O1 - Hosts: 9 more lines...
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - H:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (ExplorerWatcher Class) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - H:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
O2 - BHO: (Soda PDF 7 Helper) - {1D31AA81-4D4B-4BFB-B3AF-B6DDD6DF43B1} - H:\Program Files (x86)\Soda PDF 7\creator-ie-helper.dll (LULU SOFTWARE LIMITED)
O2 - BHO: (Dashlane BHO) - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - H:\Users\jmpco\AppData\Roaming\Dashlane\ie\Dashlanei.dll (Dashlane)
O3 - HKLM\..\Toolbar: (Dashlane Toolbar) - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - H:\Users\jmpco\AppData\Roaming\Dashlane\ie\KWIEBar.dll (Dashlane)
O3 - HKLM\..\Toolbar: (Soda PDF 7 Toolbar) - {7C68E87F-4487-4AE5-BBC2-C398C530DE9A} - H:\Program Files (x86)\Soda PDF 7\creator-ie-plugin.dll (LULU SOFTWARE LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [Acronis Scheduler2 Service] H:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] H:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] H:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] H:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis International GmbH)
O4 - HKLM..\Run: [DivXMediaServer] H:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [iMON] H:\Program Files (x86)\SoundGraph\iMON\iMON.exe (SoundGraph, Inc.)
O4 - HKLM..\Run: [LWS] H:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SystemExplorerAutoStart] H:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group)
O4 - HKLM..\Run: [TrueImageMonitor.exe] H:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\jmpco_ON_H..\Run: [CCleaner Monitoring] H:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\jmpco_ON_H..\Run: [Dashlane] H:\Users\jmpco\AppData\Roaming\Dashlane\Dashlane.exe ()
O4 - HKU\jmpco_ON_H..\Run: [DashlanePlugin] H:\Users\jmpco\AppData\Roaming\Dashlane\DashlanePlugin.exe ()
O4 - HKU\jmpco_ON_H..\Run: [GoogleDriveSync] H:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\jmpco_ON_H..\Run: [LaCie Desktop Manager 2 Startup] H:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCie Desktop Manager.exe (LaCie)
O4 - HKU\jmpco_ON_H..\Run: [Mini-sunclock] H:\Program Files (x86)\Mini-sunclock\sunclock.exe (Alexandre Vialle)
O4 - HKU\jmpco_ON_H..\Run: [Rainlendar2] H:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\jmpco_ON_H..\Run: [TomTomHOME.exe] H:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\LocalService_ON_H..\Run: [OneDriveSetup] H:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_H..\Run: [OneDriveSetup] H:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - H:\Windows\System32\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - H:\Windows\System32\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig:64bit - State: "bootini" - 2

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {583AC46A-4A6F-39BC-AEFD-1BC2759FFA51} - .NET Framework
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {583AC46A-4A6F-39BC-AEFD-1BC2759FFA51} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

NetSvcs:[b]64bit:[/b] dosvc - H:\Windows\System32\dosvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DcpSvc - H:\Windows\System32\dcpsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - H:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - H:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NetSetupSvc - H:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] RetailDemo - H:\Windows\System32\RDXService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] lfsvc - H:\Windows\System32\lfsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] dmwappushservice - H:\Windows\System32\dmwappushsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XboxNetApiSvc - H:\Windows\System32\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UsoSvc - H:\Windows\System32\usocore.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblGameSave - H:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DmEnrollmentSvc - H:\Windows\System32\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - H:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UserManager - H:\Windows\System32\usermgr.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblAuthManager - H:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)

SafeBootMin:[b]64bit:[/b] Ahcache.sys - H:\Windows\System32\drivers\ahcache.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - H:\Windows\System32\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - H:\Windows\System32\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - H:\Windows\System32\bisrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] CoreMessagingRegistrar - H:\Windows\System32\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] iai2c.sys - H:\Windows\System32\drivers\iai2c.sys (Intel(R) Corporation)
SafeBootMin:[b]64bit:[/b] LSM - H:\Windows\System32\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] SpbCx.sys - H:\Windows\System32\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] StateRepository - H:\Windows\System32\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - H:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] TileDataModelSvc - H:\Windows\System32\tileobjserver.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] uefi.sys - H:\Windows\System32\drivers\UEFI.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] UserManager - H:\Windows\System32\usermgr.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - H:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: CoreMessagingRegistrar - H:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: StateRepository - H:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

SafeBootNet:[b]64bit:[/b] Ahcache.sys - H:\Windows\System32\drivers\ahcache.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - H:\Windows\System32\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - H:\Windows\System32\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - H:\Windows\System32\bisrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] CoreMessagingRegistrar - H:\Windows\System32\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] LSM - H:\Windows\System32\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] netprofm - H:\Windows\System32\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] SpbCx.sys - H:\Windows\System32\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] StateRepository - H:\Windows\System32\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - H:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] TileDataModelSvc - H:\Windows\System32\tileobjserver.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] uefi.sys - H:\Windows\System32\drivers\UEFI.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] UserManager - H:\Windows\System32\usermgr.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - H:\Windows\System32\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WinDefend - H:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: CoreMessagingRegistrar - H:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: StateRepository - H:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/04/07 05:18:02 | 000,000,000 | ---D | C] -- H:\Windows\Minidump
[2016/04/06 19:09:30 | 000,000,000 | ---D | C] -- H:\Program Files\Microsoft.NET
[2016/04/06 18:09:33 | 000,000,000 | R--D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2016/04/06 18:09:21 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Microsoft SQL Server
[2016/04/06 18:09:14 | 000,000,000 | ---D | C] -- H:\Windows\PCHEALTH
[2016/04/06 18:09:14 | 000,000,000 | ---D | C] -- H:\Program Files\Microsoft SQL Server
[2016/04/06 18:06:52 | 000,000,000 | ---D | C] -- H:\Program Files\Microsoft Analysis Services
[2016/04/06 18:06:52 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Microsoft Analysis Services
[2016/04/06 18:06:50 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Microsoft Office
[2016/04/06 18:06:45 | 000,000,000 | RH-D | C] -- H:\MSOCache
[2016/04/06 18:00:22 | 000,000,000 | -HSD | C] -- H:\Config.Msi
[2016/04/06 17:57:51 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft Toolkit
[2016/04/06 17:32:27 | 000,000,000 | ---D | C] -- H:\Program Files\Microsoft Office
[2016/04/06 05:18:10 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Local\ElevatedDiagnostics
[2016/04/02 16:16:30 | 000,000,000 | ---D | C] -- H:\Iso2Usb
[2016/04/01 18:25:42 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Local\Neal_Whittington
[2016/03/31 17:07:52 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Local\Clover
[2016/03/31 17:07:51 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clover
[2016/03/31 17:07:50 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Clover
[2016/03/30 19:44:33 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Local\Tempdivx26e1
[2016/03/27 15:42:43 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Local\Tempdivx4fb7
[2016/03/27 12:38:02 | 000,000,000 | ---D | C] -- H:\Mes Sites Web
[2016/03/21 20:03:05 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Roaming\WinRAR
[2016/03/21 20:02:40 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016/03/21 20:02:40 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016/03/20 16:32:34 | 000,000,000 | ---D | C] -- H:\Users\jmpco\Documents\ZedTV
[2016/03/19 09:01:04 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Mozilla Firefox
[2016/03/18 21:33:31 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Common Files\Skype
[2016/03/17 17:33:07 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Mozilla Thunderbird
[2016/03/16 22:54:23 | 000,000,000 | ---D | C] -- H:\ProgramData\Auslogics
[2016/03/16 22:45:51 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Roaming\Auslogics
[2016/03/13 15:46:32 | 000,000,000 | ---D | C] -- H:\Windows\pss
[2016/03/09 19:25:01 | 000,000,000 | ---D | C] -- H:\Program Files\DivX
[2016/03/09 19:17:04 | 000,000,000 | ---D | C] -- H:\Users\jmpco\AppData\Roaming\DivX
[2016/03/09 19:17:02 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2016/03/09 19:16:53 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Common Files\DivX Shared
[2016/03/09 19:16:18 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\DivX
[2016/03/09 19:14:55 | 000,000,000 | ---D | C] -- H:\ProgramData\DivX
[2016/03/09 16:06:48 | 000,949,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\Unistore.dll
[2016/03/09 16:06:47 | 022,376,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\edgehtml.dll
[2016/03/09 16:06:47 | 001,707,520 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\ActiveSyncProvider.dll
[2016/03/09 16:06:47 | 001,224,704 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Unistore.dll
[2016/03/09 16:06:46 | 007,474,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ntoskrnl.exe
[2016/03/09 16:06:46 | 001,996,288 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ActiveSyncProvider.dll
[2016/03/09 16:06:45 | 018,677,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\edgehtml.dll
[2016/03/09 16:06:45 | 003,593,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\win32kfull.sys
[2016/03/09 16:06:43 | 014,252,544 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wmp.dll
[2016/03/09 16:06:43 | 003,449,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WSService.dll
[2016/03/09 16:06:43 | 000,286,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\deviceaccess.dll
[2016/03/09 16:06:42 | 012,586,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\wmp.dll
[2016/03/09 16:06:42 | 006,972,416 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Windows.Data.Pdf.dll
[2016/03/09 16:06:41 | 007,835,648 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Chakra.dll
[2016/03/09 16:06:40 | 006,607,080 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\windows.storage.dll
[2016/03/09 16:06:40 | 005,321,728 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\Windows.Data.Pdf.dll
[2016/03/09 16:06:40 | 005,242,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\windows.storage.dll
[2016/03/09 16:06:40 | 000,228,352 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\deviceaccess.dll
[2016/03/09 16:06:39 | 005,661,696 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\Chakra.dll
[2016/03/09 16:06:38 | 001,831,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppXDeploymentExtensions.dll
[2016/03/09 16:06:38 | 001,098,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dosvc.dll
[2016/03/09 16:06:36 | 001,997,328 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\KernelBase.dll
[2016/03/09 16:06:36 | 001,713,664 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\SRHInproc.dll
[2016/03/09 16:06:36 | 001,613,664 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\diagtrack.dll
[2016/03/09 16:06:36 | 001,497,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\WMPDMC.exe
[2016/03/09 16:06:36 | 001,390,592 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\win32kbase.sys
[2016/03/09 16:06:36 | 000,848,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mfsvr.dll
[2016/03/09 16:06:36 | 000,808,800 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WWAHost.exe
[2016/03/09 16:06:36 | 000,709,688 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\mfsvr.dll
[2016/03/09 16:06:35 | 001,443,328 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\SRHInproc.dll
[2016/03/09 16:06:35 | 001,322,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ole32.dll
[2016/03/09 16:06:35 | 000,938,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ContactApis.dll
[2016/03/09 16:06:35 | 000,769,536 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\ContactApis.dll
[2016/03/09 16:06:35 | 000,703,840 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\WWAHost.exe
[2016/03/09 16:06:35 | 000,670,928 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\mfds.dll
[2016/03/09 16:06:35 | 000,652,392 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxgi.dll
[2016/03/09 16:06:35 | 000,576,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\dxgmms2.sys
[2016/03/09 16:06:35 | 000,523,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\dxgi.dll
[2016/03/09 16:06:34 | 001,847,808 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WMPDMC.exe
[2016/03/09 16:06:34 | 000,793,600 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\SRH.dll
[2016/03/09 16:06:34 | 000,713,568 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\invagent.dll
[2016/03/09 16:06:34 | 000,700,416 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppointmentApis.dll
[2016/03/09 16:06:34 | 000,625,000 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ClipSVC.dll
[2016/03/09 16:06:34 | 000,552,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\AppointmentApis.dll
[2016/03/09 16:06:34 | 000,450,560 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Windows.Internal.Bluetooth.dll
[2016/03/09 16:06:33 | 000,982,016 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppxPackaging.dll
[2016/03/09 16:06:33 | 000,957,952 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\SRH.dll
[2016/03/09 16:06:33 | 000,890,368 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\AppxPackaging.dll
[2016/03/09 16:06:33 | 000,794,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mfds.dll
[2016/03/09 16:06:33 | 000,630,632 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\fontdrvhost.exe
[2016/03/09 16:06:33 | 000,538,736 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\wer.dll
[2016/03/09 16:06:33 | 000,315,904 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\Windows.Internal.Bluetooth.dll
[2016/03/09 16:06:32 | 000,640,472 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wer.dll
[2016/03/09 16:06:32 | 000,258,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\sqmapi.dll
[2016/03/09 16:06:32 | 000,220,064 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\sqmapi.dll
[2016/03/09 16:06:31 | 002,158,592 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppXDeploymentServer.dll
[2016/03/09 16:06:31 | 000,540,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\fontdrvhost.exe
[2016/03/09 16:06:31 | 000,540,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\ChatApis.dll
[2016/03/09 16:06:31 | 000,436,736 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppXDeploymentClient.dll
[2016/03/09 16:06:31 | 000,401,408 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\sharemediacpl.dll
[2016/03/09 16:06:31 | 000,365,568 | ---- | C] (Adobe Systems Incorporated) -- H:\Windows\System32\atmfd.dll
[2016/03/09 16:06:31 | 000,342,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\AppXDeploymentClient.dll
[2016/03/09 16:06:31 | 000,228,352 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wsqmcons.exe
[2016/03/09 16:06:31 | 000,184,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\PackageStateRoaming.dll
[2016/03/09 16:06:31 | 000,167,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dafBth.dll
[2016/03/09 16:06:31 | 000,161,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\CallHistoryClient.dll
[2016/03/09 16:06:30 | 000,790,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\EmailApis.dll
[2016/03/09 16:06:30 | 000,726,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ChatApis.dll
[2016/03/09 16:06:30 | 000,369,664 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\FirewallAPI.dll
[2016/03/09 16:06:30 | 000,303,104 | ---- | C] (Adobe Systems Incorporated) -- H:\Windows\SysWow64\atmfd.dll
[2016/03/09 16:06:30 | 000,216,416 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppxAllUserStore.dll
[2016/03/09 16:06:30 | 000,187,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\AppxAllUserStore.dll
[2016/03/09 16:06:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\AppointmentActivation.dll
[2016/03/09 16:06:29 | 000,575,488 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\EmailApis.dll
[2016/03/09 16:06:29 | 000,394,080 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\dxgmms1.sys
[2016/03/09 16:06:29 | 000,318,976 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\domgmt.dll
[2016/03/09 16:06:29 | 000,224,256 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\PackageStateRoaming.dll
[2016/03/09 16:06:29 | 000,200,704 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\cemapi.dll
[2016/03/09 16:06:29 | 000,195,072 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\VCardParser.dll
[2016/03/09 16:06:29 | 000,146,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AuthBroker.dll
[2016/03/09 16:06:28 | 000,243,712 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\cemapi.dll
[2016/03/09 16:06:28 | 000,163,328 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\fwbase.dll
[2016/03/09 16:06:27 | 000,258,560 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UserDataAccountApis.dll
[2016/03/09 16:06:27 | 000,169,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\PhoneCallHistoryApis.dll
[2016/03/09 16:06:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\PimIndexMaintenance.dll
[2016/03/09 16:06:26 | 000,208,896 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\storewuauth.dll
[2016/03/09 16:06:26 | 000,168,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\Windows.Devices.Scanners.dll
[2016/03/09 16:06:26 | 000,141,560 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AuthHost.exe
[2016/03/09 16:06:26 | 000,121,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppointmentActivation.dll
[2016/03/09 16:06:25 | 001,173,344 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\aeinv.dll
[2016/03/09 16:06:25 | 000,221,184 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\PhoneCallHistoryApis.dll
[2016/03/09 16:06:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\VCardParser.dll
[2016/03/09 16:06:25 | 000,147,808 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wermgr.exe
[2016/03/09 16:06:25 | 000,141,664 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\wermgr.exe
[2016/03/09 16:06:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\AppxSip.dll
[2016/03/09 16:06:24 | 000,223,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\ExSMime.dll
[2016/03/09 16:06:24 | 000,087,552 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppxSysprep.dll
[2016/03/09 16:06:24 | 000,068,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UserDataPlatformHelperUtil.dll
[2016/03/09 16:06:24 | 000,056,320 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\POSyncServices.dll
[2016/03/09 16:06:23 | 000,513,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\devinv.dll
[2016/03/09 16:06:23 | 000,274,944 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ExSMime.dll
[2016/03/09 16:06:23 | 000,196,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\UserDataAccountApis.dll
[2016/03/09 16:06:23 | 000,161,792 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\AppxSip.dll
[2016/03/09 16:06:23 | 000,145,408 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dssvc.dll
[2016/03/09 16:06:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\PimIndexMaintenanceClient.dll
[2016/03/09 16:06:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\ExtrasXmlParser.dll
[2016/03/09 16:06:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\FirewallAPI.dll
[2016/03/09 16:06:22 | 000,214,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Windows.Devices.Scanners.dll
[2016/03/09 16:06:22 | 000,184,320 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\fwbase.dll
[2016/03/09 16:06:22 | 000,129,024 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\CallHistoryClient.dll
[2016/03/09 16:06:22 | 000,111,616 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UserDataTimeUtil.dll
[2016/03/09 16:06:22 | 000,093,184 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wpninprc.dll
[2016/03/09 16:06:22 | 000,089,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\UserDataTimeUtil.dll
[2016/03/09 16:06:22 | 000,070,656 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\POSyncServices.dll
[2016/03/09 16:06:22 | 000,048,128 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\PimIndexMaintenanceClient.dll
[2016/03/09 16:06:22 | 000,045,056 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UserDataLanguageUtil.dll
[2016/03/09 16:06:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wfapigp.dll
[2016/03/09 16:06:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ExtrasXmlParser.dll
[2016/03/09 16:06:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\UserDataPlatformHelperUtil.dll
[2016/03/09 16:06:21 | 000,053,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\profext.dll
[2016/03/09 16:06:21 | 000,045,568 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UserDataTypeHelperUtil.dll
[2016/03/09 16:06:21 | 000,037,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\UserDataLanguageUtil.dll
[2016/03/09 16:06:20 | 001,490,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UserDataService.dll
[2016/03/09 16:06:20 | 000,915,456 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\configurationclient.dll
[2016/03/09 16:06:20 | 000,764,928 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Chakradiag.dll
[2016/03/09 16:06:20 | 000,196,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\fwpolicyiomgr.dll
[2016/03/09 16:06:20 | 000,067,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\profext.dll
[2016/03/09 16:06:20 | 000,037,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\UserDataTypeHelperUtil.dll
[2016/03/09 16:06:19 | 000,685,568 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\scapi.dll
[2016/03/09 16:06:19 | 000,451,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\werui.dll
[2016/03/09 16:06:19 | 000,394,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\werui.dll
[2016/03/09 16:06:19 | 000,360,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\vaultsvc.dll
[2016/03/09 16:06:19 | 000,288,768 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\vaultcli.dll
[2016/03/09 16:06:19 | 000,164,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\fwpolicyiomgr.dll
[2016/03/09 16:06:19 | 000,118,272 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\fontsub.dll
[2016/03/09 16:06:19 | 000,093,696 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\fontsub.dll
[2016/03/09 16:06:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- H:\Windows\SysWow64\wfapigp.dll
[2016/03/09 16:06:18 | 000,045,568 | ---- | C] (Adobe Systems) -- H:\Windows\System32\atmlib.dll
[2016/03/09 16:06:18 | 000,037,376 | ---- | C] (Adobe Systems) -- H:\Windows\SysWow64\atmlib.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/04/07 17:34:19 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2016/04/07 17:29:38 | 000,824,258 | ---- | M] () -- H:\Windows\System32\perfh00C.dat
[2016/04/07 17:29:38 | 000,734,296 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2016/04/07 17:29:38 | 000,155,558 | ---- | M] () -- H:\Windows\System32\perfc00C.dat
[2016/04/07 17:29:38 | 000,138,836 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2016/04/07 17:24:11 | 000,001,104 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/04/07 17:24:06 | 000,192,216 | ---- | M] (Malwarebytes) -- H:\Windows\System32\drivers\MBAMSwissArmy.sys
[2016/04/07 17:23:54 | 016,777,216 | -HS- | M] () -- H:\swapfile.sys
[2016/04/07 17:23:53 | 3088,740,352 | -HS- | M] () -- H:\hiberfil.sys
[2016/04/07 17:03:00 | 000,001,002 | ---- | M] () -- H:\Windows\tasks\Adobe Flash Player Updater.job
[2016/04/07 05:20:09 | 000,001,108 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/04/07 04:37:33 | 000,352,888 | ---- | M] () -- H:\Windows\System32\FNTCACHE.DAT
[2016/04/06 19:10:44 | 000,000,000 | R--D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2016/03/31 17:07:51 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clover
[2016/03/31 05:41:54 | 000,001,140 | ---- | M] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\OOSU10.lnk
[2016/03/30 19:45:30 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2016/03/28 19:00:32 | 000,001,171 | ---- | M] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Captvty.lnk
[2016/03/23 21:21:09 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/03/21 20:02:40 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016/03/10 21:20:53 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2016/03/10 14:09:10 | 000,065,408 | ---- | M] (Malwarebytes Corporation) -- H:\Windows\System32\drivers\mwac.sys
[2016/03/10 14:08:58 | 000,140,672 | ---- | M] (Malwarebytes) -- H:\Windows\System32\drivers\mbamchameleon.sys
[2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) -- H:\Windows\System32\drivers\mbam.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/03/31 05:41:54 | 000,001,140 | ---- | C] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\OOSU10.lnk
[2016/03/28 19:00:32 | 000,001,171 | ---- | C] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Captvty.lnk
[2016/03/05 08:31:20 | 000,000,017 | ---- | C] () -- H:\Users\jmpco\AppData\Local\resmon.resmoncfg
[2016/03/02 06:06:26 | 001,859,960 | ---- | C] () -- H:\Windows\SysWow64\CoreUIComponents.dll
[2016/02/06 10:09:31 | 000,000,290 | RHS- | C] () -- H:\ProgramData\ntuser.pol
[2016/01/28 16:30:25 | 000,162,816 | ---- | C] () -- H:\Windows\SysWow64\MTF.dll
[2015/12/31 06:55:11 | 000,000,102 | ---- | C] () -- H:\Windows\novaxel.ini
[2015/12/31 06:55:10 | 000,000,067 | ---- | C] () -- H:\Windows\iltwain.ini
[2015/12/31 06:48:46 | 000,210,032 | ---- | C] () -- H:\Windows\SysWow64\DBCLIENT.DLL
[2015/12/26 12:17:27 | 000,000,000 | -H-- | C] () -- H:\ProgramData\DP45977C.lfl
[2015/12/26 12:16:33 | 000,001,769 | ---- | C] () -- H:\Windows\Language_trs.ini
[2015/12/25 21:14:41 | 000,067,584 | --S- | C] () -- H:\Windows\bootstat.dat
[2015/10/30 08:24:43 | 000,215,943 | ---- | C] () -- H:\Windows\SysWow64\dssec.dat
[2015/10/30 08:24:43 | 000,000,741 | ---- | C] () -- H:\Windows\SysWow64\NOISE.DAT
[2015/10/30 08:18:39 | 000,164,224 | ---- | C] () -- H:\Windows\SysWow64\weretw.dll
[2015/10/30 08:18:36 | 000,673,088 | ---- | C] () -- H:\Windows\SysWow64\mlang.dat
[2015/10/30 08:18:36 | 000,047,104 | ---- | C] () -- H:\Windows\SysWow64\BWContextHandler.dll
[2015/10/30 08:18:34 | 000,019,968 | ---- | C] () -- H:\Windows\SysWow64\GamePanelExternalHook.dll
[2015/10/30 08:18:31 | 000,252,928 | ---- | C] () -- H:\Windows\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 08:18:31 | 000,029,184 | ---- | C] () -- H:\Windows\SysWow64\dtdump.exe
[2015/10/30 08:18:29 | 000,364,544 | ---- | C] () -- H:\Windows\SysWow64\msjetoledb40.dll
[2015/10/30 08:18:29 | 000,293,376 | ---- | C] () -- H:\Windows\SysWow64\HrtfApo.dll
[2015/10/30 08:18:26 | 000,022,528 | ---- | C] () -- H:\Windows\SysWow64\efsext.dll
[2015/10/30 08:18:25 | 000,002,269 | ---- | C] () -- H:\Windows\SysWow64\WimBootCompress.ini
[2015/10/30 08:18:23 | 000,167,640 | ---- | C] () -- H:\Windows\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 08:17:40 | 000,043,131 | ---- | C] () -- H:\Windows\mib.bin
[2015/08/27 18:20:08 | 000,194,560 | ---- | C] () -- H:\Windows\SysWow64\igdde32.dll
[2015/08/27 18:20:08 | 000,154,096 | ---- | C] () -- H:\Windows\SysWow64\igdail32.dll
[2012/10/26 16:42:24 | 000,336,232 | ---- | C] () -- H:\Windows\SysWow64\DevManagerCore.dll
[2012/10/26 16:42:22 | 010,919,784 | ---- | C] () -- H:\Windows\SysWow64\LogiDPP.dll
[2012/10/26 16:42:22 | 000,103,272 | ---- | C] () -- H:\Windows\SysWow64\LogiDPPApp.exe

[color=#E56717]========== LOP Check ==========[/color]

[2016/02/01 17:46:10 | 000,000,000 | ---D | M] -- H:\ProgramData\Acronis
[2015/12/25 21:16:58 | 000,000,000 | -HSD | M] -- H:\ProgramData\Application Data
[2016/03/16 22:54:23 | 000,000,000 | ---D | M] -- H:\ProgramData\Auslogics
[2015/12/25 21:16:58 | 000,000,000 | -HSD | M] -- H:\ProgramData\Bureau
[2015/12/31 15:56:23 | 000,000,000 | ---D | M] -- H:\ProgramData\Canneverbe Limited
[2016/02/03 18:13:58 | 000,000,000 | -H-D | M] -- H:\ProgramData\CanonBJ
[2015/10/30 08:24:24 | 000,000,000 | ---D | M] -- H:\ProgramData\Comms
[2015/12/25 21:16:58 | 000,000,000 | -HSD | M] -- H:\ProgramData\Documents
[2015/12/31 18:19:37 | 000,000,000 | ---D | M] -- H:\ProgramData\firebird
[2016/02/01 17:09:10 | 000,000,000 | ---D | M] -- H:\ProgramData\LaCie
[2015/12/27 12:06:04 | 000,000,000 | ---D | M] -- H:\ProgramData\LULU Software
[2015/12/25 21:16:58 | 000,000,000 | -HSD | M] -- H:\ProgramData\Menu Démarrer
[2015/12/25 21:16:58 | 000,000,000 | -HSD | M] -- H:\ProgramData\Modèles
[2015/12/31 18:10:49 | 000,000,000 | ---D | M] -- H:\ProgramData\Novaxel
[2016/03/27 15:44:12 | 000,000,000 | ---D | M] -- H:\ProgramData\Package Cache
[2016/04/06 18:09:18 | 000,000,000 | ---D | M] -- H:\ProgramData\regid.1991-06.com.microsoft
[2016/01/29 16:56:08 | 000,000,000 | ---D | M] -- H:\ProgramData\RogueKiller
[2015/12/31 16:54:15 | 000,000,000 | ---D | M] -- H:\ProgramData\Samsung
[2015/12/27 12:42:16 | 000,000,000 | ---D | M] -- H:\ProgramData\Soda PDF 7
[2015/10/30 08:24:24 | 000,000,000 | ---D | M] -- H:\ProgramData\SoftwareDistribution
[2015/12/26 12:00:38 | 000,000,000 | ---D | M] -- H:\ProgramData\SoundGraph
[2015/12/31 16:57:20 | 000,000,000 | ---D | M] -- H:\ProgramData\Synology
[2015/12/28 18:11:55 | 000,000,000 | ---D | M] -- H:\ProgramData\SystemExplorer
[2015/12/31 13:31:35 | 000,000,000 | ---D | M] -- H:\ProgramData\Temp
[2015/12/25 21:18:01 | 000,000,000 | ---D | M] -- H:\ProgramData\USOPrivate
[2015/12/25 21:18:01 | 000,000,000 | ---D | M] -- H:\ProgramData\USOShared
[2015/12/29 18:58:25 | 000,000,000 | ---D | M] -- H:\ProgramData\VS Revo Group

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\Acronis]

[HKEY_CURRENT_USER\Software\Adlice Software]

[HKEY_CURRENT_USER\Software\ApercuGED]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Auslogics]

[HKEY_CURRENT_USER\Software\Bitdefender]

[HKEY_CURRENT_USER\Software\Borland]

[HKEY_CURRENT_USER\Software\bunkus.org]

[HKEY_CURRENT_USER\Software\Bytescout]

[HKEY_CURRENT_USER\Software\calibre]

[HKEY_CURRENT_USER\Software\Canneverbe Limited]

[HKEY_CURRENT_USER\Software\Canon]

[HKEY_CURRENT_USER\Software\CanonBJ]

[HKEY_CURRENT_USER\Software\Chromium]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\Clover]

[HKEY_CURRENT_USER\Software\Cygnus Solutions]

[HKEY_CURRENT_USER\Software\Dashlane]

[HKEY_CURRENT_USER\Software\Dashlane_profiles]

[HKEY_CURRENT_USER\Software\DivX]

[HKEY_CURRENT_USER\Software\ej-technologies]

[HKEY_CURRENT_USER\Software\FinalWire]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\Kodi]

[HKEY_CURRENT_USER\Software\Leadertech]

[HKEY_CURRENT_USER\Software\LogiShrd]

[HKEY_CURRENT_USER\Software\Logitech]

[HKEY_CURRENT_USER\Software\LSoft Technologies]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Mini-sunclock]

[HKEY_CURRENT_USER\Software\Mirage]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\MPC-HC]

[HKEY_CURRENT_USER\Software\Namida]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\NovaPaniere]

[HKEY_CURRENT_USER\Software\NOVAXEL]

[HKEY_CURRENT_USER\Software\O&O]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\Oracle]

[HKEY_CURRENT_USER\Software\paint.net]

[HKEY_CURRENT_USER\Software\PDF Tools AG]

[HKEY_CURRENT_USER\Software\Philips SmartControl]

[HKEY_CURRENT_USER\Software\PhotoFiltre Studio X]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\QtProject]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\RegisteredApplications]

[HKEY_CURRENT_USER\Software\Resplendence Sp]

[HKEY_CURRENT_USER\Software\S3R521]

[HKEY_CURRENT_USER\Software\Seifert]

[HKEY_CURRENT_USER\Software\SiSoftware]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\Soda PDF 7]

[HKEY_CURRENT_USER\Software\SOUNDGRAPH]

[HKEY_CURRENT_USER\Software\sTabLauncher]

[HKEY_CURRENT_USER\Software\SyncEngines]

[HKEY_CURRENT_USER\Software\Synology]

[HKEY_CURRENT_USER\Software\Sysinternals]

[HKEY_CURRENT_USER\Software\TeamViewer]

[HKEY_CURRENT_USER\Software\Thunderbird]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\Unchecky]

[HKEY_CURRENT_USER\Software\VB and VBA Program Settings]

[HKEY_CURRENT_USER\Software\VS Revo Group]

[HKEY_CURRENT_USER\Software\WinHTTrack Website Copier]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\ZebHelpProcess Helper]

[color=#A23BEC]< HKCU\Software\AppDataLow /s >[/color]
[HKEY_CURRENT_USER\Software\AppDataLow\Software]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\RepService]
"BB" = 1.000000 [binary data]
"AA" = [Binary data over 100 bytes]
"MM" = 0.050000 [binary data]
"NN" = 131044309736202322 [binary data]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Silverlight]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Silverlight\Permissions]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Silverlight\Permissions\http://chaines-tv.orange.fr:80]
"StaysInFullScreenWhenUnfocused" = 17
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Silverlight\Permissions\http://rp-live.orange.fr:80]
"StaysInFullScreenWhenUnfocused" = 17
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Silverlight\Permissions\http://rp-tvod.woopic.com:80]
"StaysInFullScreenWhenUnfocused" = 17
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Windows]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Windows\CurrentVersion]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Windows\CurrentVersion\Lock Screen]

[color=#A23BEC]< HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]

[color=#A23BEC]< HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\Acronis]

[HKEY_LOCAL_MACHINE\Software\AdsFix]

[HKEY_LOCAL_MACHINE\Software\Aegisub]

[HKEY_LOCAL_MACHINE\Software\Borland]

[HKEY_LOCAL_MACHINE\Software\calibre 64bit]

[HKEY_LOCAL_MACHINE\Software\Canneverbe Limited]

[HKEY_LOCAL_MACHINE\Software\Canon]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\DivX]

[HKEY_LOCAL_MACHINE\Software\Dolby]

[HKEY_LOCAL_MACHINE\Software\DTS]

[HKEY_LOCAL_MACHINE\Software\FileZilla 3]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\Knowles]

[HKEY_LOCAL_MACHINE\Software\Logishrd]

[HKEY_LOCAL_MACHINE\Software\Logitech]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\Nahimic]

[HKEY_LOCAL_MACHINE\Software\NeoSmart Technologies]

[HKEY_LOCAL_MACHINE\Software\Novaxel]

[HKEY_LOCAL_MACHINE\Software\Nuance]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OEM]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Oracle]

[HKEY_LOCAL_MACHINE\Software\paint.net]

[HKEY_LOCAL_MACHINE\Software\PDF Tools AG]

[HKEY_LOCAL_MACHINE\Software\Piriform]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[HKEY_LOCAL_MACHINE\Software\SiSoftware]

[HKEY_LOCAL_MACHINE\Software\SonicFocus]

[HKEY_LOCAL_MACHINE\Software\SoundResearch]

[HKEY_LOCAL_MACHINE\Software\SRS Labs]

[HKEY_LOCAL_MACHINE\Software\Sysinternals]

[HKEY_LOCAL_MACHINE\Software\VideoLAN]

[HKEY_LOCAL_MACHINE\Software\Waves Audio]

[HKEY_LOCAL_MACHINE\Software\WinHTTrack Website Copier]

[HKEY_LOCAL_MACHINE\Software\WinRAR]

[HKEY_LOCAL_MACHINE\Software\WOW6432Node]

[HKEY_LOCAL_MACHINE\Software\Yamaha APO]

[color=#A23BEC]< HKCU\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< HKLM\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]
"ForceActiveDesktopOn" = 0
"NoActiveDesktop" = 1
"NoActiveDesktopChanges" = 1
"NoRecentDocsHistory" = 0

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]
"ConsentPromptBehaviorAdmin" = 5
"ConsentPromptBehaviorUser" = 3
"DSCAutomationHostEnabled" = 2
"EnableCursorSuppression" = 1
"EnableInstallerDetection" = 1
"EnableLUA" = 1
"EnableSecureUIAPaths" = 1
"EnableUIADesktopToggle" = 0
"EnableVirtualization" = 1
"PromptOnSecureDesktop" = 1
"ValidateAdminCodeSignatures" = 0
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"scforceoption" = 0
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"EnableLinkedConnections" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_BITMAP" = 2
"CF_DIB" = 8
"CF_DIBV5" = 17
"CF_OEMTEXT" = 7
"CF_PALETTE" = 9
"CF_TEXT" = 1
"CF_UNICODETEXT" = 13

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /s >[/color]

[color=#A23BEC]< HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >[/color]

Invalid Environment Variable: %Homedrive%\*

Invalid Environment Variable: %Homedrive%\*.

Invalid Environment Variable: %Homedrive%\Recycler\*.exe

Invalid Environment Variable: %Homedrive%\Recycler\*.scr

Invalid Environment Variable: %Homedrive%\Recycler\*.pif

Invalid Environment Variable: %Homedrive%\Recycler\*.vb*

Invalid Environment Variable: %Homedrive%\$Recycle.bin\*.exe

Invalid Environment Variable: %Homedrive%\$Recycle.bin\*.scr

Invalid Environment Variable: %Homedrive%\$Recycle.bin\*.pif

Invalid Environment Variable: %Homedrive%\$Recycle.bin\*.vb*

Invalid Environment Variable: %Userprofile%\*

Invalid Environment Variable: %Userprofile%\*.

Invalid Environment Variable: %Allusersprofile%\*

Invalid Environment Variable: %Allusersprofile%\*.

Invalid Environment Variable: %LocalAppData%\*

Invalid Environment Variable: %LocalAppData%\*.

Invalid Environment Variable: %Userprofile%\Local Settings\*

Invalid Environment Variable: %Userprofile%\Local Settings\*.

Invalid Environment Variable: %Userprofile%\Local Settings\Application Data\*

Invalid Environment Variable: %Userprofile%\Local Settings\Application Data\*.

Invalid Environment Variable: %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*

Invalid Environment Variable: %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.

Invalid Environment Variable: %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*

Invalid Environment Variable: %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.

[color=#A23BEC]< %programFiles%\* >[/color]
[2015/10/30 08:21:27 | 000,000,174 | -HS- | M] () -- H:\Program Files\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2015/12/31 15:58:44 | 000,000,000 | ---D | M] -- H:\Program Files\Aegisub
[2016/02/07 10:02:12 | 000,000,000 | ---D | M] -- H:\Program Files\Bitdefender
[2016/03/05 18:35:28 | 000,000,000 | ---D | M] -- H:\Program Files\Calibre2
[2015/12/31 16:37:48 | 000,000,000 | ---D | M] -- H:\Program Files\Canon
[2015/12/27 13:39:06 | 000,000,000 | ---D | M] -- H:\Program Files\CCleaner
[2015/12/31 15:56:18 | 000,000,000 | ---D | M] -- H:\Program Files\CDBurnerXP
[2016/01/11 16:58:31 | 000,000,000 | ---D | M] -- H:\Program Files\Common Files
[2016/03/09 19:25:01 | 000,000,000 | ---D | M] -- H:\Program Files\DivX
[2015/12/25 21:16:58 | 000,000,000 | -HSD | M] -- H:\Program Files\Fichiers communs
[2016/02/11 22:17:21 | 000,000,000 | ---D | M] -- H:\Program Files\FileZilla FTP Client
[2015/12/25 21:40:28 | 000,000,000 | ---D | M] -- H:\Program Files\Intel
[2016/03/09 20:54:28 | 000,000,000 | ---D | M] -- H:\Program Files\Internet Explorer
[2016/04/06 18:06:52 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft Analysis Services
[2016/04/06 18:09:14 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft Office
[2016/01/13 21:31:34 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft Silverlight
[2016/04/06 18:09:21 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft SQL Server
[2016/04/05 18:32:23 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft SQL Server Compact Edition
[2016/01/11 15:47:20 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft Sync Framework
[2016/01/11 15:47:27 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft Synchronization Services
[2016/04/06 19:09:30 | 000,000,000 | ---D | M] -- H:\Program Files\Microsoft.NET
[2015/12/31 16:10:22 | 000,000,000 | ---D | M] -- H:\Program Files\MKVToolNix
[2015/12/31 14:49:03 | 000,000,000 | ---D | M] -- H:\Program Files\MPC-HC
[2015/12/25 22:10:44 | 000,000,000 | ---D | M] -- H:\Program Files\MSBuild
[2016/03/06 11:28:50 | 000,000,000 | ---D | M] -- H:\Program Files\Oracle
[2016/01/08 22:13:35 | 000,000,000 | ---D | M] -- H:\Program Files\paint.net
[2015/12/25 22:00:48 | 000,000,000 | ---D | M] -- H:\Program Files\Rainlendar2
[2015/12/26 12:17:22 | 000,000,000 | ---D | M] -- H:\Program Files\Realtek
[2016/03/09 17:34:21 | 000,000,000 | ---D | M] -- H:\Program Files\Recuva
[2015/12/25 22:10:44 | 000,000,000 | ---D | M] -- H:\Program Files\Reference Assemblies
[2015/12/28 18:29:42 | 000,000,000 | ---D | M] -- H:\Program Files\SiSoftware
[2015/12/31 16:42:47 | 000,000,000 | ---D | M] -- H:\Program Files\SmartControl
[2015/12/27 13:37:02 | 000,000,000 | ---D | M] -- H:\Program Files\Speccy
[2015/12/31 13:37:45 | 000,000,000 | ---D | M] -- H:\Program Files\Stellarium
[2015/12/25 21:17:12 | 000,000,000 | -H-D | M] -- H:\Program Files\Uninstall Information
[2015/12/27 19:47:25 | 000,000,000 | ---D | M] -- H:\Program Files\VideoLAN
[2015/12/29 18:58:23 | 000,000,000 | ---D | M] -- H:\Program Files\VS Revo Group
[2015/12/29 06:50:56 | 000,000,000 | ---D | M] -- H:\Program Files\WhoCrashed
[2015/10/30 20:00:06 | 000,000,000 | ---D | M] -- H:\Program Files\Windows Defender
[2016/03/02 07:00:50 | 000,000,000 | ---D | M] -- H:\Program Files\Windows Journal
[2015/10/30 20:00:06 | 000,000,000 | ---D | M] -- H:\Program Files\Windows Mail
[2016/03/09 20:54:28 | 000,000,000 | ---D | M] -- H:\Program Files\Windows Media Player
[2016/03/09 20:54:28 | 000,000,000 | ---D | M] -- H:\Program Files\Windows Multimedia Platform
[2015/12/25 21:16:58 | 000,000,000 | ---D | M] -- H:\Program Files\Windows NT
[2015/10/30 20:00:06 | 000,000,000 | ---D | M] -- H:\Program Files\Windows Photo Viewer
[2016/03/09 20:54:28 | 000,000,000 | ---D | M] -- H:\Program Files\Windows Portable Devices
[2015/10/30 08:24:24 | 000,000,000 | -HSD | M] -- H:\Program Files\Windows Sidebar
[2016/04/07 16:52:31 | 000,000,000 | -H-D | M] -- H:\Program Files\WindowsApps
[2015/10/30 08:24:24 | 000,000,000 | --SD | M] -- H:\Program Files\WindowsPowerShell
[2015/12/28 17:44:42 | 000,000,000 | ---D | M] -- H:\Program Files\WinHTTrack
[2016/03/22 06:08:38 | 000,000,000 | ---D | M] -- H:\Program Files\WinRAR

[color=#A23BEC]< %programfiles%\Google\Desktop\*. >[/color]

[color=#A23BEC]< %ProgramFiles%\Common Files\*. >[/color]
[2016/04/06 18:09:25 | 000,000,000 | ---D | M] -- H:\Program Files\Common Files\DESIGNER
[2015/12/31 12:07:47 | 000,000,000 | ---D | M] -- H:\Program Files\Common Files\logishrd
[2016/04/06 19:09:30 | 000,000,000 | ---D | M] -- H:\Program Files\Common Files\microsoft shared
[2015/10/30 08:24:28 | 000,000,000 | ---D | M] -- H:\Program Files\Common Files\Services
[2016/04/06 19:10:08 | 000,000,000 | ---D | M] -- H:\Program Files\Common Files\System

Invalid Environment Variable: %ProgramFiles(X86)%\Common Files\*.

[color=#A23BEC]< %Systemroot%\Installer\*. >[/color]
[2015/12/31 13:31:32 | 000,000,000 | -HSD | M] -- H:\Windows\Installer\$PatchCache$
[2015/12/27 12:05:58 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{0C3243E7-F336-4AD5-8878-83E2E06AB51F}
[2016/01/28 17:39:34 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{1627D0D3-BDF7-4C04-89B9-1124F9D620DE}
[2015/12/27 12:06:04 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{17955C10-06F0-4764-81A1-CB72A5577BEB}
[2016/02/01 22:15:06 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}
[2015/12/27 12:06:05 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{2AEB6470-4B4B-435E-BF92-C40031A04BE0}
[2015/12/31 16:59:13 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}
[2015/12/27 12:06:09 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{41EAEA44-10BE-4C7E-8696-2A21E6365281}
[2015/12/27 12:06:06 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{4381986A-111D-42DA-9AE7-8B0CD54D4A01}
[2016/01/30 16:58:39 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}
[2016/03/05 18:35:28 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{75F18D87-1342-41F3-8FF4-293CA74FC928}
[2015/12/31 13:31:33 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{7EF0FAC3-C07D-4859-B5CA-CC31BF963C5C}
[2015/12/27 12:06:06 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{7F9481AB-F24E-42A1-9621-683D8238EF9B}
[2016/03/10 21:20:53 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{895D0391-459F-4D45-B8DD-13F0DE70C66E}
[2016/01/13 21:31:35 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2016/03/15 20:18:05 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}
[2016/04/06 19:11:14 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}
[2016/04/06 19:10:16 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-001F-0401-1000-0000000FF1CE}
[2016/04/06 19:08:19 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-001F-0407-1000-0000000FF1CE}
[2016/04/06 19:08:18 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-001F-0409-1000-0000000FF1CE}
[2016/04/06 19:08:18 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-001F-040C-1000-0000000FF1CE}
[2016/04/06 19:10:00 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-001F-0413-1000-0000000FF1CE}
[2016/04/06 19:10:00 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-001F-0C0A-1000-0000000FF1CE}
[2016/04/06 19:10:27 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-006E-040C-1000-0000000FF1CE}
[2016/04/06 18:08:53 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{90150000-00C1-0000-1000-0000000FF1CE}
[2015/12/27 12:06:08 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{951EC2FD-F6CD-4A36-938A-92E7D28BAD32}
[2015/12/25 22:14:44 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{9E5A4758-0189-419B-A6ED-FE4CBD255F05}
[2015/12/27 12:06:03 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{D431BCA2-B5C7-480C-8F97-B761CB5C54D3}
[2015/12/27 12:06:05 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{D4445135-9E05-45CF-A24E-0631107E12B5}
[2016/01/08 22:13:35 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}
[2015/12/27 12:06:06 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{DF814665-9C0B-46EF-A156-69D069A8BB2D}
[2015/12/27 12:06:06 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{EABBB002-D231-4D37-931E-C933A73D0AA0}
[2016/03/10 21:20:58 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}
[2016/03/06 11:28:51 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{F2E958A1-9215-4C7D-9A2E-F0740B8CA5B7}
[2016/03/18 21:33:32 | 000,000,000 | ---D | M] -- H:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2015/10/30 08:18:41 | 000,003,458 | ---- | M] () -- H:\Windows\system32\ieuinit.inf
[2012/10/26 16:42:24 | 000,029,494 | ---- | M] () -- H:\Windows\system32\lvcoin64.ini
[2015/10/30 08:19:53 | 000,018,944 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[2016/04/07 17:29:38 | 001,848,398 | ---- | M] () -- H:\Windows\system32\PerfStringBackup.INI
[2015/10/30 08:18:09 | 000,060,124 | ---- | M] () -- H:\Windows\system32\tcpmon.ini
[2015/10/30 08:17:49 | 000,002,269 | ---- | M] () -- H:\Windows\system32\WimBootCompress.ini
[2015/10/30 08:17:58 | 000,242,176 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Windows.Gaming.Input.dll
[2016/02/24 07:59:55 | 000,450,560 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Windows.Internal.Bluetooth.dll
[2015/10/30 08:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Windows.Internal.Management.dll
[2015/10/30 08:18:13 | 000,730,352 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Windows.Internal.Shell.Broker.dll
[2015/10/30 08:18:03 | 000,049,664 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Windows.Internal.UI.BioEnrollment.ProxyStub.dll
[2015/10/30 08:18:14 | 000,200,192 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Windows.Internal.UI.Logon.ProxyStub.dll
[2015/10/30 08:18:01 | 000,881,664 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\Windows.UI.Input.Inking.dll

[color=#A23BEC]< %systemroot%\PSS\* /s >[/color]
[2016/03/13 15:46:32 | 000,036,864 | ---- | M] () -- H:\Windows\PSS\boot.backup
[2016/03/13 15:46:32 | 000,036,864 | -HS- | M] () -- H:\Windows\PSS\boot.backup.LOG
[2016/03/13 15:46:32 | 000,000,000 | -HS- | M] () -- H:\Windows\PSS\boot.backup.LOG1
[2016/03/13 15:46:32 | 000,000,000 | -HS- | M] () -- H:\Windows\PSS\boot.backup.LOG2

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2016/04/07 17:03:00 | 000,001,002 | ---- | M] () -- H:\Windows\Tasks\Adobe Flash Player Updater.job
[2016/04/07 17:24:11 | 000,001,104 | ---- | M] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016/04/07 05:20:09 | 000,001,108 | ---- | M] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2016/04/07 17:34:19 | 000,000,006 | -H-- | M] () -- H:\Windows\Tasks\SA.DAT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]
[2015/12/29 18:03:13 | 000,003,988 | ---- | M] () -- H:\Windows\system32\Tasks\Adobe Flash Player Updater
[2016/04/07 17:34:12 | 000,003,194 | ---- | M] () -- H:\Windows\system32\Tasks\BDAntiCryptoWallTask
[2015/12/27 13:39:06 | 000,002,870 | ---- | M] () -- H:\Windows\system32\Tasks\CCleanerSkipUAC
[2016/03/27 15:44:28 | 000,003,696 | ---- | M] () -- H:\Windows\system32\Tasks\DivXUpdate
[2016/02/02 22:15:07 | 000,003,934 | ---- | M] () -- H:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
[2016/02/02 22:15:08 | 000,004,166 | ---- | M] () -- H:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
[2016/04/07 05:37:18 | 000,005,344 | ---- | M] () -- H:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-TOJHLCH-jmpco DESKTOP-TOJHLCH
[2015/12/31 16:54:30 | 000,003,354 | ---- | M] () -- H:\Windows\system32\Tasks\SamsungMagician
[2016/04/07 04:43:37 | 000,004,176 | ---- | M] () -- H:\Windows\system32\Tasks\User_Feed_Synchronization-{800C28F8-0DAC-49B6-ACF8-DDA16D3344DB}
[2015/12/25 22:11:17 | 000,003,424 | ---- | M] () -- H:\Windows\system32\Tasks\{38E7D825-F984-4A9D-B92C-80A0446E2CFF}
[2016/04/01 17:02:11 | 000,003,266 | ---- | M] () -- H:\Windows\system32\Tasks\{434F21F3-141C-4144-BAFF-CFD60B79D403}
[2015/12/26 00:02:40 | 000,003,254 | ---- | M] () -- H:\Windows\system32\Tasks\{9F36D463-D33E-4A39-8A68-09A6F4138AA0}

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2016/04/05 17:41:52 | 000,000,000 | ---D | M] -- H:\Windows\system32\Tasks\Microsoft
[2016/01/11 15:47:53 | 000,000,000 | ---D | M] -- H:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform

[color=#A23BEC]< %systemroot%\syswow64\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\syswow64\Tasks\*. >[/color]
[2015/10/30 08:24:25 | 000,000,000 | ---D | M] -- H:\Windows\syswow64\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]
[2015/11/24 10:53:39 | 000,115,200 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\win32k.sys
[2016/02/24 07:39:14 | 001,390,592 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\win32kbase.sys
[2016/02/24 07:11:52 | 003,593,216 | ---- | M] (Microsoft Corporation) -- H:\Windows\system32\win32kfull.sys

[color=#A23BEC]< dir %Homedrive%\* /S /A:L /C >[/color]
Le volume dans le lecteur X s'appelle Boot
Le numéro de série du volume est D60A-0DC2


[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2015/12/30 06:27:57 | 000,018,038 | ---- | M] () MD5=20F17CD10DDE742A5BD02100D3B0F691 -- H:\Windows\WinSxS\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_10.0.10586.0_none_646ddaeb08c45281\afd.sys
[2015/11/05 11:25:01 | 000,578,912 | ---- | M] (Microsoft Corporation) MD5=70148EFA9A562E7185B75BBE7D376BF7 -- H:\Windows\System32\drivers\afd.sys
[2015/11/05 11:25:01 | 000,578,912 | ---- | M] (Microsoft Corporation) MD5=70148EFA9A562E7185B75BBE7D376BF7 -- H:\Windows\WinSxS\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_10.0.10586.3_none_646de09d08c449f6\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2015/10/30 08:17:23 | 000,028,512 | ---- | M] (Microsoft Corporation) MD5=492B99D2E3D5D7BFD5F0AE1BE7BD37DD -- H:\Windows\System32\drivers\atapi.sys
[2015/10/30 08:17:23 | 000,028,512 | ---- | M] (Microsoft Corporation) MD5=492B99D2E3D5D7BFD5F0AE1BE7BD37DD -- H:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_1a5ded552bf60401\atapi.sys
[2015/10/30 08:17:23 | 000,028,512 | ---- | M] (Microsoft Corporation) MD5=492B99D2E3D5D7BFD5F0AE1BE7BD37DD -- H:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.10586.0_none_69bdc072cbe101cd\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2015/10/30 08:17:22 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=82D97776BF982AA143BDC7DFB5054EA8 -- H:\Windows\System32\drivers\cdrom.sys
[2015/10/30 08:17:22 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=82D97776BF982AA143BDC7DFB5054EA8 -- H:\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_9693c41d66f6eee1\cdrom.sys
[2015/10/30 08:17:22 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=82D97776BF982AA143BDC7DFB5054EA8 -- H:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_10.0.10586.0_none_ec2ef43b4e1e9d7b\cdrom.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2016/02/11 19:55:49 | 000,299,846 | ---- | M] () MD5=4F7BFBD0D637D5B163D45D56196DA27E -- H:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.10586.0_none_de3a3f6b2413a1f0\explorer.exe
[2016/02/11 20:00:25 | 000,221,021 | ---- | M] () MD5=70FBB74D7906E47D47F112C725E24AC0 -- H:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.10586.0_none_e88ee9bd587463eb\explorer.exe
[2016/01/29 07:57:09 | 004,502,352 | ---- | M] (Microsoft Corporation) MD5=95D730526EF81792CD6848D8D10FAA1C -- H:\Windows\explorer.exe
[2016/01/29 07:57:09 | 004,502,352 | ---- | M] (Microsoft Corporation) MD5=95D730526EF81792CD6848D8D10FAA1C -- H:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.10586.104_none_beea9f69d8a18cd7\explorer.exe
[2016/01/29 07:33:48 | 004,064,320 | ---- | M] (Microsoft Corporation) MD5=FCBCED2A237DCD7EF86CED551B731742 -- H:\Windows\SysWOW64\explorer.exe
[2016/01/29 07:33:48 | 004,064,320 | ---- | M] (Microsoft Corporation) MD5=FCBCED2A237DCD7EF86CED551B731742 -- H:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.10586.104_none_c93f49bc0d024ed2\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2015/10/30 08:17:23 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=53FDD9E69189E546DE4740F8C4D8AB2F -- H:\Windows\System32\drivers\i8042prt.sys
[2015/10/30 08:17:23 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=53FDD9E69189E546DE4740F8C4D8AB2F -- H:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_3539a90f5703fafe\i8042prt.sys
[2015/10/30 08:17:25 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=53FDD9E69189E546DE4740F8C4D8AB2F -- H:\Windows\WinSxS\amd64_dual_keyboard.inf_31bf3856ad364e35_10.0.10586.0_none_98ad1edae3f4b35e\i8042prt.sys
[2015/10/30 08:17:23 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=53FDD9E69189E546DE4740F8C4D8AB2F -- H:\Windows\WinSxS\amd64_keyboard.inf_31bf3856ad364e35_10.0.10586.0_none_23d4063183501faf\i8042prt.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2015/10/30 08:18:03 | 001,152,864 | ---- | M] (Microsoft Corporation) MD5=AFAECF904F1C343EBD50F91BC8D0DBE8 -- H:\Windows\System32\drivers\ndis.sys
[2015/10/30 08:18:03 | 001,152,864 | ---- | M] (Microsoft Corporation) MD5=AFAECF904F1C343EBD50F91BC8D0DBE8 -- H:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.10586.0_none_e5db168dd2633eee\ndis.sys

[color=#A23BEC]< MD5 for: NETBT.SYS >[/color]
[2015/10/30 08:18:08 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=F51C02D992A8D6BC5EC4D990F227D4C7 -- H:\Windows\System32\drivers\netbt.sys
[2015/10/30 08:18:08 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=F51C02D992A8D6BC5EC4D990F227D4C7 -- H:\Windows\WinSxS\amd64_microsoft-windows-netbt-minwin_31bf3856ad364e35_10.0.10586.0_none_7832199a8236f90f\netbt.sys

[color=#A23BEC]< MD5 for: TDX.SYS >[/color]
[2015/12/30 06:27:32 | 000,015,603 | ---- | M] () MD5=0EBEE295D7B9EEA3DA5A2A69B9DD784A -- H:\Windows\WinSxS\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_10.0.10586.0_none_76c360a4866cdbe8\tdx.sys
[2015/11/05 13:05:48 | 000,118,624 | ---- | M] (Microsoft Corporation) MD5=91D3F2A6253EF83EFBD7903028F58C4D -- H:\Windows\System32\drivers\tdx.sys
[2015/11/05 13:05:48 | 000,118,624 | ---- | M] (Microsoft Corporation) MD5=91D3F2A6253EF83EFBD7903028F58C4D -- H:\Windows\WinSxS\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_10.0.10586.3_none_76c36656866cd35d\tdx.sys

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2015/10/30 08:17:22 | 000,414,560 | ---- | M] (Microsoft Corporation) MD5=E1F91A727A04C9F8199D04FF3BBBF63C -- H:\Windows\System32\drivers\volsnap.sys
[2015/10/30 08:17:22 | 000,414,560 | ---- | M] (Microsoft Corporation) MD5=E1F91A727A04C9F8199D04FF3BBBF63C -- H:\Windows\System32\DriverStore\FileRepository\volume.inf_amd64_910e4cc912bf5a43\volsnap.sys
[2015/10/30 08:17:22 | 000,414,560 | ---- | M] (Microsoft Corporation) MD5=E1F91A727A04C9F8199D04FF3BBBF63C -- H:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_10.0.10586.0_none_a23c4fd9a66c2dfe\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2015/10/30 08:17:53 | 000,290,856 | ---- | M] (Microsoft Corporation) MD5=CAD491DD9EC00BB841EA407D9C498C4A -- H:\Windows\System32\wininit.exe
[2015/10/30 08:17:53 | 000,290,856 | ---- | M] (Microsoft Corporation) MD5=CAD491DD9EC00BB841EA407D9C498C4A -- H:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.10586.0_none_bd785127aea7d9d3\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2016/01/16 10:35:23 | 000,060,910 | ---- | M] () MD5=154F8CC29254A229379C06E4727F0D83 -- H:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.10586.0_none_fc48996f7f48af26\winlogon.exe
[2016/01/05 02:43:38 | 000,584,704 | ---- | M] (Microsoft Corporation) MD5=7B24B823404D53DA4748F21AD2BF04C9 -- H:\Windows\System32\winlogon.exe
[2016/01/05 02:43:38 | 000,584,704 | ---- | M] (Microsoft Corporation) MD5=7B24B823404D53DA4748F21AD2BF04C9 -- H:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.10586.63_none_f3dc0aaa859f8abd\winlogon.exe
[2016/03/10 14:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- H:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
< End of report >
