OTL.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 14/12/2016 21:53:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Randy\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,92 Gb Total Physical Memory | 4,08 Gb Available Physical Memory | 51,47% Memory free
9,44 Gb Paging File | 5,47 Gb Available in Paging File | 57,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 558,91 Gb Total Space | 212,34 Gb Free Space | 37,99% Space Free | Partition Type: NTFS
Drive D: | 352,71 Gb Total Space | 348,76 Gb Free Space | 98,88% Space Free | Partition Type: NTFS

Computer Name: MSI | User Name: Randy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/12/14 21:52:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Randy\Downloads\OTL.exe
PRC - [2016/12/13 16:01:40 | 000,346,512 | ---- | M] (NVIDIA Corporation) -- C:\Users\Randy\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
PRC - [2016/11/17 14:45:21 | 000,425,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
PRC - [2016/11/17 14:45:19 | 015,532,992 | ---- | M] (Node.js) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
PRC - [2016/11/17 14:44:58 | 001,411,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
PRC - [2016/11/17 14:44:58 | 001,411,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
PRC - [2016/11/17 14:44:56 | 000,602,560 | ---- | M] (Igor Pavlov) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe
PRC - [2016/11/14 11:17:43 | 005,124,560 | ---- | M] (Mega Limited) -- C:\Users\Randy\AppData\Local\MEGAsync\MEGAsync.exe
PRC - [2016/11/10 15:41:46 | 009,044,392 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/09/08 19:04:25 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/03/28 22:19:54 | 000,388,968 | ---- | M] (Digital Wave Ltd.) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
PRC - [2016/02/04 10:53:22 | 000,387,144 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2015/06/24 09:08:22 | 000,223,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2015/06/24 09:08:10 | 000,411,936 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2015/06/24 00:00:08 | 000,322,472 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2015/06/24 00:00:06 | 000,018,856 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2015/06/23 23:15:40 | 000,813,568 | ---- | M] () -- C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe
PRC - [2015/06/23 23:15:40 | 000,532,448 | ---- | M] () -- C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
PRC - [2015/05/19 17:11:00 | 000,335,872 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
PRC - [2015/04/21 18:20:38 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\SCM\MSIService.exe
PRC - [2015/01/09 07:47:08 | 000,235,624 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2014/02/21 18:18:52 | 000,162,800 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/11/17 14:45:22 | 003,774,400 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll
MOD - [2016/11/17 14:45:21 | 000,900,032 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
MOD - [2016/11/17 14:45:20 | 000,018,880 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/11/17 14:44:57 | 060,817,344 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
MOD - [2016/11/17 11:20:45 | 002,809,912 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
MOD - [2016/11/17 11:20:45 | 000,506,424 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
MOD - [2016/11/17 11:20:45 | 000,440,888 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
MOD - [2016/11/17 11:20:45 | 000,436,792 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
MOD - [2016/11/17 11:20:45 | 000,357,944 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
MOD - [2016/11/17 11:20:45 | 000,245,184 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
MOD - [2016/11/17 11:20:44 | 000,968,248 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
MOD - [2016/11/17 11:20:44 | 000,514,616 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
MOD - [2016/11/17 11:20:44 | 000,338,488 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
MOD - [2016/11/17 11:20:44 | 000,252,352 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
MOD - [2016/11/08 21:29:38 | 001,819,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
MOD - [2016/11/08 21:29:37 | 000,093,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
MOD - [2016/09/08 19:04:26 | 000,482,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/09/08 19:04:25 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/09/08 19:04:25 | 000,169,064 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll
MOD - [2016/08/26 11:53:56 | 012,992,512 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c02fbf560e52a1aab432a90d4c613af4\System.Windows.Forms.ni.dll
MOD - [2016/08/26 11:53:40 | 001,626,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\c2abcda8f96d67fa6ff5665fd21dddff\System.Drawing.ni.dll
MOD - [2016/08/26 11:53:29 | 000,711,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\4f886295844dc43b0ff606c4caaeb80e\System.Transactions.ni.dll
MOD - [2016/08/26 11:53:14 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d842ac6dc0b94d7516b2d43a62b8f4d7\System.ServiceModel.Internals.ni.dll
MOD - [2016/08/26 11:53:14 | 000,117,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1b144b0155aa14719ac0b83f038abbd5\SMDiagnostics.ni.dll
MOD - [2016/08/24 13:26:46 | 013,605,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\b5bd1926660d2d17f74fd4ee135f4c4b\System.Web.ni.dll
MOD - [2016/07/21 09:45:09 | 000,482,304 | ---- | M] () -- C:\Users\Randy\AppData\Local\MEGAsync\libsodium.dll
MOD - [2016/07/20 10:24:21 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/07/16 12:44:20 | 019,611,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\40571abae9422cd2ca6fafbbde1c3cdc\mscorlib.ni.dll
MOD - [2016/07/16 12:44:20 | 010,281,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\08da6b6698b412866e6910ae9b84f363\System.ni.dll
MOD - [2016/07/16 12:44:19 | 007,480,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\f6ebd52be27fe627fed0d185c6a9c0d5\System.Core.ni.dll
MOD - [2016/07/13 22:34:29 | 007,472,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\7532301b00fac8def2f526ca8b480e11\System.Xml.ni.dll
MOD - [2016/07/13 22:34:26 | 002,820,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\213003369298faf75651a6b8981dce12\System.Runtime.Serialization.ni.dll
MOD - [2016/07/13 22:34:26 | 000,994,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\aa9c29b70b4cceab890eb841f89d73e9\System.Configuration.ni.dll
MOD - [2015/06/23 23:15:40 | 000,813,568 | ---- | M] () -- C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe
MOD - [2015/06/23 23:15:40 | 000,532,448 | ---- | M] () -- C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
MOD - [2015/06/23 23:15:12 | 000,258,016 | ---- | M] () -- C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIOSD.dll
MOD - [2015/06/23 23:14:50 | 000,167,904 | ---- | M] () -- C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIDevProps.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/11/17 14:45:23 | 000,462,784 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService)
SRV:[b]64bit:[/b] - [2016/11/17 14:45:23 | 000,462,784 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem)
SRV:[b]64bit:[/b] - [2016/11/17 14:45:19 | 001,163,712 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe -- (NVIDIA Wireless Controller Service)
SRV:[b]64bit:[/b] - [2016/11/11 11:09:31 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2016/11/11 10:22:23 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/11/11 10:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2016/11/11 10:20:10 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2016/11/11 10:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2016/11/11 10:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2016/11/11 10:16:35 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2016/11/11 10:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2016/11/11 10:11:57 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/11/11 10:06:54 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2016/11/11 10:06:19 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2016/11/11 10:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2016/11/11 10:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2016/11/11 10:04:03 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2016/11/02 11:30:35 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2016/11/02 11:19:44 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2016/11/02 11:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/11/02 11:16:27 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2016/11/01 23:05:26 | 000,373,744 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2016/10/22 06:33:35 | 000,458,176 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
SRV:[b]64bit:[/b] - [2016/10/15 04:42:44 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2016/10/15 04:37:03 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/10/05 10:18:56 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2016/09/15 17:40:41 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2016/09/15 17:38:15 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2016/09/15 17:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2016/09/15 17:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:45 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2016/09/15 17:35:03 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/09/15 17:23:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/09/08 19:04:25 | 000,197,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2016/09/07 05:59:55 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/09/07 05:55:30 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/09/07 05:40:44 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2016/08/20 06:17:48 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2016/08/06 04:36:20 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2016/08/06 04:34:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2016/07/16 12:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2016/07/16 12:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2016/07/16 12:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:43:06 | 000,347,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_718c8aa)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_718c8aa)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_718c8aa)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_718c8aa)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_718c8aa)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_718c8aa)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_718c8aa)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2016/07/16 12:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2016/02/22 18:30:18 | 001,369,856 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:[b]64bit:[/b] - [2015/06/24 00:00:06 | 000,018,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2015/06/12 09:24:40 | 003,831,200 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2015/06/12 09:24:28 | 000,268,192 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2015/06/12 09:24:12 | 000,640,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2015/06/12 09:23:48 | 000,157,088 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2015/05/22 09:24:00 | 000,881,152 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV - [2016/12/09 21:48:10 | 001,467,168 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2016/11/11 13:47:32 | 002,627,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2016/11/11 13:44:02 | 000,419,248 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2016/11/11 08:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/11/11 08:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016/11/11 07:40:49 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/11/01 23:05:26 | 000,301,552 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2016/10/10 14:59:12 | 000,009,728 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2016/09/20 11:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/09/10 23:10:28 | 001,404,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2016/08/06 04:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016/07/29 20:59:02 | 000,245,544 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Windows\SysWOW64\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2016/07/16 12:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/07/16 12:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/03/28 22:19:54 | 000,388,968 | ---- | M] (Digital Wave Ltd.) [Auto | Running] -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe -- (DigitalWave.Update.Service)
SRV - [2016/03/22 21:22:16 | 000,056,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe -- (VSStandardCollectorService140)
SRV - [2016/02/04 10:53:22 | 000,387,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2015/06/24 09:08:22 | 000,223,008 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2015/06/24 09:08:10 | 000,411,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2015/05/19 17:11:04 | 000,007,680 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe -- (isaHelperSvc)
SRV - [2015/05/19 17:11:00 | 000,335,872 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe -- (Intel(R)
SRV - [2015/04/21 18:20:38 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\SCM\MSIService.exe -- (Micro Star SCM)
SRV - [2014/02/21 18:18:52 | 000,162,800 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe -- (MSI_SuperCharger)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/11/17 14:45:29 | 000,046,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2016/11/17 14:45:04 | 000,027,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2016/11/11 11:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2016/11/11 10:26:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2016/11/02 12:12:07 | 000,376,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2016/11/02 11:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2016/11/01 23:05:26 | 007,966,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2016/10/23 08:53:16 | 014,145,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nvmii.inf_amd64_43f83f245edd2d2a\nvlddmkm.sys -- (nvlddmkm)
DRV:[b]64bit:[/b] - [2016/10/15 05:37:01 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2016/10/15 05:30:16 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2016/10/15 04:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2016/10/13 14:45:24 | 000,293,352 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswvmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2016/10/05 11:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2016/10/05 11:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2016/10/01 09:00:05 | 000,513,632 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2016/09/17 09:17:16 | 000,969,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2016/09/15 18:29:54 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2016/09/15 18:29:03 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2016/09/15 18:15:56 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2016/09/15 18:14:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2016/09/15 17:36:57 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2016/09/10 14:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/09/08 19:04:33 | 000,163,416 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2016/09/08 19:04:33 | 000,108,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2016/09/08 19:04:33 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2016/09/08 19:04:33 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2016/09/08 19:04:33 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2016/09/08 19:04:19 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2016/09/07 06:29:32 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2016/08/31 14:46:20 | 000,045,680 | ---- | M] (LogMeIn Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:[b]64bit:[/b] - [2016/08/20 07:06:57 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2016/08/20 06:20:50 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2016/08/06 05:29:13 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2016/08/06 05:16:50 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2016/07/16 23:45:31 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2016/07/16 23:45:23 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2016/07/16 12:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2016/07/16 12:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2016/07/16 12:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2016/07/16 12:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2016/07/16 12:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2016/07/16 12:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2016/07/12 02:01:12 | 000,349,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2016/05/12 05:32:26 | 000,481,768 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2016/02/05 16:55:18 | 000,170,128 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e2xw10x64.sys -- (KillerEth)
DRV:[b]64bit:[/b] - [2015/07/24 07:49:07 | 000,033,960 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2015/07/24 07:49:07 | 000,033,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:[b]64bit:[/b] - [2015/07/24 07:49:05 | 000,616,616 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2015/07/24 07:48:52 | 000,411,712 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:[b]64bit:[/b] - [2015/06/22 07:16:56 | 003,776,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwbw02.sys -- (NETwNb64)
DRV:[b]64bit:[/b] - [2015/06/22 04:42:30 | 001,455,552 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2015/06/12 12:54:56 | 000,183,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/08/22 13:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV - [2016/10/23 08:53:16 | 014,145,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_43f83f245edd2d2a\nvlddmkm.sys -- (nvlddmkm)
DRV - [2016/07/16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV - [2012/10/26 03:45:52 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
DRV - [2010/06/07 17:36:30 | 000,015,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.sys -- (WINIO)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {5D9E17CA-95D3-48A1-BC9E-987DE03E63A2}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {5D9E17CA-95D3-48A1-BC9E-987DE03E63A2}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{5D9E17CA-95D3-48A1-BC9E-987DE03E63A2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRNAM1&src=IE11TR&pc=NMTE;

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oem15.msn.com/?pc=NMTE
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = FA DF 0C 3B A1 AB D1 01 [binary data]
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\..\SearchScopes,DefaultScope = OldSearch
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0.2
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.101.2: C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2: C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Randy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/09/08 19:04:34 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/09/08 19:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/09/08 19:04:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/09/08 19:04:34 | 000,000,000 | ---D | M]

[2016/02/10 18:29:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randy\AppData\Roaming\mozilla\Extensions
[2016/02/10 18:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randy\AppData\Roaming\mozilla\Firefox\Profiles\zxhpn6yn.default\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.12.4_0\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_1\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Randy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_1\

O1 HOSTS File: ([2016/06/12 15:36:30 | 000,002,615 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com127.0.0.1 bandicam.com
O1 - Hosts: 127.0.0.1 ssl.bandisoft.com
O2:[b]64bit:[/b] - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:[b]64bit:[/b] - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NahimicMSIUILauncher] C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SCM] C:\Program Files (x86)\SCM\SCM.exe (MSI)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3939544326-3822232667-1587598136-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - Startup: C:\Users\Randy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk = C:\Users\Randy\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9b896357-075d-42dd-835c-e66d092b10f4}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DcpSvc - C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] RetailDemo - C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)

MsConfig:64bit - State: "bootini" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] iai2c.sys - C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
SafeBootMin:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] TileDataModelSvc - C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

SafeBootNet:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] TileDataModelSvc - C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {31699572-6286-3C1C-A03C-511D59181038} - .NET Framework
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {71A5A636-652F-3BE0-BC14-02545E9F5EC7} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.bdmpeg - bdmpega64.acm ()
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] VIDC.FICV - ficvdec_x64.dll ()
Drivers32:[b]64bit:[/b] VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:[b]64bit:[/b] vidc.mjpg - bdmjpeg64.dll ()
Drivers32:[b]64bit:[/b] vidc.mpeg - bdmpegv64.dll ()
Drivers32:[b]64bit:[/b] vidc.tsc2 - C:\WINDOWS\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
Drivers32:[b]64bit:[/b] vidc.tscc - C:\WINDOWS\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.bdmpeg - C:\WINDOWS\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FICV - C:\WINDOWS\SysWow64\ficvdec_x86.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.mjpg - C:\WINDOWS\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\WINDOWS\SysWow64\bdmpegv.dll ()
Drivers32: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/12/14 22:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2016/12/14 22:00:46 | 008,803,648 | ---- | C] (Piriform Ltd) -- C:\Users\Randy\Desktop\ccsetup525.exe
[2016/12/14 21:57:01 | 034,710,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2016/12/14 21:57:01 | 028,201,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2016/12/14 21:57:01 | 010,912,744 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2016/12/14 21:57:01 | 010,803,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2016/12/14 21:57:01 | 009,158,616 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2016/12/14 21:57:01 | 008,913,328 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2016/12/14 21:57:01 | 000,942,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2016/12/14 21:57:01 | 000,438,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2016/12/14 21:57:01 | 000,388,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2016/12/14 21:57:00 | 001,038,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2016/12/14 21:57:00 | 000,974,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2016/12/14 21:57:00 | 000,894,400 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2016/12/14 21:57:00 | 000,683,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2016/12/14 21:57:00 | 000,572,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2016/12/14 21:57:00 | 000,394,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2016/12/14 21:56:59 | 000,327,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2016/12/14 21:56:58 | 010,353,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2016/12/14 21:56:58 | 008,761,560 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2016/12/14 21:56:58 | 002,950,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2016/12/14 21:56:58 | 002,587,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2016/12/14 21:56:58 | 001,953,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6437633.dll
[2016/12/14 21:56:58 | 001,586,744 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6437633.dll
[2016/12/14 21:56:58 | 000,802,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2016/12/14 21:56:58 | 000,643,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2016/12/14 21:47:43 | 000,000,000 | ---D | C] -- C:\Users\Randy\Desktop\Jeux Steam
[2016/12/14 21:45:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Randy\Desktop\OTL.exe
[2016/12/14 21:40:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2016/12/14 21:40:43 | 000,101,824 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2016/12/14 21:40:43 | 000,091,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2016/12/14 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Local\LogMeIn Hamachi
[2016/12/14 15:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2016/12/14 15:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2016/12/13 19:02:05 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
[2016/12/11 00:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftwareDistribution
[2016/12/10 11:27:15 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll
[2016/12/10 11:27:15 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2016/12/10 11:27:15 | 000,603,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2016/12/10 11:27:15 | 000,534,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2016/12/10 11:27:15 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2016/12/10 11:27:15 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2016/12/10 11:27:15 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2016/12/10 11:27:15 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/12/10 11:27:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2016/12/10 11:27:14 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2016/12/10 11:27:14 | 001,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2016/12/10 11:27:14 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/12/10 11:27:14 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2016/12/10 11:27:14 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2016/12/10 11:27:14 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2016/12/10 11:27:13 | 001,886,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016/12/10 11:27:13 | 000,590,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2016/12/10 11:27:12 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll
[2016/12/10 11:27:12 | 001,293,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/12/10 11:27:12 | 001,004,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/12/10 11:27:12 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2016/12/10 11:27:11 | 017,188,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/12/10 11:27:11 | 001,859,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2016/12/10 11:27:09 | 003,892,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016/12/10 11:27:09 | 001,852,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016/12/10 11:27:09 | 001,123,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2016/12/10 11:27:09 | 000,952,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016/12/10 11:27:09 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2016/12/10 11:27:08 | 004,612,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/12/10 11:27:08 | 003,370,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2016/12/10 11:27:08 | 003,306,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/12/10 11:27:08 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2016/12/10 11:27:08 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2016/12/10 11:27:08 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2016/12/10 11:27:08 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2016/12/10 11:27:08 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2016/12/10 11:27:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2016/12/10 11:27:07 | 002,277,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2016/12/10 11:27:07 | 001,992,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/12/10 11:27:07 | 001,357,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/12/10 11:27:07 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/12/10 11:27:07 | 000,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/12/10 11:27:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2016/12/10 11:27:06 | 006,109,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/12/10 11:27:05 | 005,380,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/12/10 11:27:05 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/12/10 11:27:05 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2016/12/10 11:27:04 | 004,423,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2016/12/10 11:27:02 | 002,362,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2016/12/10 11:27:02 | 002,109,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2016/12/10 11:27:02 | 000,418,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2016/12/10 11:27:02 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2016/12/10 11:27:01 | 001,069,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2016/12/10 11:27:01 | 000,424,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2016/12/10 11:27:01 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/12/10 11:27:01 | 000,163,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTWorkQ.dll
[2016/12/10 11:27:01 | 000,091,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfaudiocnv.dll
[2016/12/10 11:27:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2016/12/10 11:27:00 | 001,755,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceFlows.DataModel.dll
[2016/12/10 11:27:00 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2016/12/10 11:27:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/12/10 11:27:00 | 000,266,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/12/10 11:27:00 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2016/12/10 11:27:00 | 000,157,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2016/12/10 11:27:00 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2016/12/10 11:27:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/12/10 11:27:00 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/12/10 11:26:59 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2016/12/10 11:26:59 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/12/10 11:26:57 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2016/12/10 11:26:57 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2016/12/10 11:26:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll
[2016/12/10 11:26:57 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2016/12/10 11:26:56 | 002,828,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2016/12/10 11:26:56 | 002,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2016/12/10 11:26:56 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2016/12/10 11:26:56 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2016/12/10 11:26:56 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcuiu.dll
[2016/12/10 11:26:56 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2016/12/10 11:26:56 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016/12/10 11:26:56 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EDPCleanup.exe
[2016/12/10 11:26:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReportingCSP.dll
[2016/12/10 11:26:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EAMProgressHandler.dll
[2016/12/10 11:26:55 | 004,136,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2016/12/10 11:26:55 | 002,275,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016/12/10 11:26:55 | 002,186,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll
[2016/12/10 11:26:55 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2016/12/10 11:26:55 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2016/12/10 11:26:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2016/12/10 11:26:54 | 002,482,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2016/12/10 11:26:54 | 001,692,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2016/12/10 11:26:54 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2016/12/10 11:26:54 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2016/12/10 11:26:54 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2016/12/10 11:26:53 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2016/12/10 11:26:53 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2016/12/10 11:26:52 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2016/12/10 11:26:52 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll
[2016/12/10 11:26:52 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2016/12/10 11:26:52 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2016/12/10 11:26:52 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2016/12/10 11:26:52 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2016/12/10 11:26:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BcastDVRHelper.dll
[2016/12/10 11:26:52 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll
[2016/12/10 11:26:51 | 002,852,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2016/12/10 11:26:51 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceFlows.DataModel.dll
[2016/12/10 11:26:51 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2016/12/10 11:26:51 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2016/12/10 11:26:51 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2016/12/10 11:26:51 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2016/12/10 11:26:51 | 000,241,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2016/12/10 11:26:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2016/12/10 11:26:50 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2016/12/10 11:26:50 | 000,382,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2016/12/10 11:26:49 | 003,542,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2016/12/10 11:26:49 | 000,637,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2016/12/10 11:26:49 | 000,360,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2016/12/10 11:26:47 | 000,454,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2016/12/10 11:26:47 | 000,198,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2016/12/10 11:26:47 | 000,152,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTWorkQ.dll
[2016/12/10 11:26:46 | 001,336,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2016/12/10 11:26:46 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2016/12/10 11:26:46 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2016/12/10 11:26:45 | 001,220,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2016/12/10 11:26:45 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2016/12/10 11:26:45 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2016/12/10 11:26:44 | 008,170,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016/12/10 11:26:42 | 013,868,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/12/10 11:26:42 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2016/12/10 11:26:41 | 001,418,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2016/12/10 11:26:40 | 003,616,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/12/10 11:26:40 | 002,998,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2016/12/10 11:26:40 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2016/12/10 11:26:40 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2016/12/10 11:26:39 | 007,816,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/12/10 11:26:39 | 000,219,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2016/12/10 11:26:38 | 006,474,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe
[2016/12/10 11:26:38 | 001,726,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2016/12/10 11:26:38 | 000,960,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2016/12/10 11:26:38 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2016/12/10 11:26:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2016/12/10 11:26:38 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2016/12/10 11:26:38 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2016/12/10 11:26:38 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2016/12/10 11:26:37 | 002,484,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2016/12/10 11:26:37 | 001,556,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2016/12/10 11:26:37 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2016/12/10 11:26:37 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2016/12/10 11:26:36 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/12/10 11:26:36 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpsvc.dll
[2016/12/10 11:26:36 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2016/12/10 11:26:35 | 005,111,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016/12/10 11:26:35 | 004,311,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2016/12/10 11:26:35 | 001,600,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2016/12/10 11:26:35 | 000,882,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeManagerObj.dll
[2016/12/10 11:26:35 | 000,743,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2016/12/10 11:26:35 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeHelper.dll
[2016/12/10 11:26:34 | 001,366,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2016/12/10 11:26:34 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2016/12/10 11:26:33 | 000,869,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2016/12/10 11:26:33 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016/12/10 11:26:33 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2016/12/10 11:26:33 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2016/12/10 11:26:32 | 002,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/12/10 11:26:32 | 001,477,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2016/12/10 11:26:32 | 000,746,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2016/12/10 11:26:32 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2016/12/10 11:26:31 | 000,248,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/12/10 11:26:31 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceReactivation.dll
[2016/12/10 11:26:31 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe
[2016/12/10 11:26:30 | 001,002,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/12/10 11:26:30 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxclu.dll
[2016/12/10 11:26:30 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sendmail.dll
[2016/12/10 11:26:30 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2016/12/10 11:26:29 | 006,668,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016/12/10 11:26:29 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/12/10 11:26:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2016/12/10 11:26:28 | 001,473,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2016/12/10 11:26:28 | 001,062,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016/12/10 11:26:28 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/12/10 11:26:28 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll
[2016/12/10 11:26:27 | 002,166,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2016/12/10 11:26:27 | 001,274,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2016/12/10 11:26:27 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2016/12/10 11:26:27 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2016/12/10 11:26:27 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2016/12/10 11:26:27 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BcastDVRHelper.dll
[2016/12/10 11:26:26 | 004,130,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016/12/10 11:26:26 | 003,777,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/12/10 11:26:26 | 001,988,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016/12/10 11:26:26 | 000,328,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2016/12/10 11:26:25 | 002,913,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2016/12/10 11:26:25 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2016/12/10 11:26:25 | 001,589,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2016/12/10 11:26:25 | 001,267,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2016/12/10 11:26:25 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2016/12/10 11:26:24 | 006,285,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/12/10 11:26:24 | 005,722,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2016/12/10 11:26:24 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2016/12/10 11:26:24 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/12/10 11:26:23 | 007,219,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2016/12/10 11:26:23 | 001,490,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/12/10 11:26:23 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2016/12/10 11:26:22 | 002,287,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/12/10 11:26:20 | 004,708,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2016/12/10 11:26:17 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016/12/10 11:26:17 | 000,126,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfaudiocnv.dll
[2016/12/10 11:26:16 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2016/12/10 11:26:16 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2016/12/10 11:26:16 | 000,374,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2016/12/10 11:26:16 | 000,187,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2016/12/10 11:26:16 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialserver.dll
[2016/12/10 11:26:16 | 000,142,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll
[2016/12/10 11:26:16 | 000,122,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll
[2016/12/10 11:26:15 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2016/12/10 11:26:15 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2016/12/10 11:26:15 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2016/12/10 11:26:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvSysprep.dll
[2016/12/10 11:26:14 | 001,691,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016/12/10 11:26:14 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcuiu.dll
[2016/12/10 11:26:14 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2016/12/10 11:26:14 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll
[2016/12/10 11:26:14 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2016/12/10 11:26:13 | 003,196,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016/12/10 11:26:13 | 001,430,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2016/12/10 11:26:13 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/12/10 11:26:13 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/12/10 11:26:13 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2016/12/10 11:26:13 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/12/10 11:26:12 | 019,415,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/12/10 11:26:12 | 000,807,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2016/12/10 11:26:10 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll
[2016/12/10 11:26:09 | 000,873,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2016/12/10 11:26:08 | 006,044,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/12/10 11:26:08 | 004,746,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/12/10 11:26:07 | 006,664,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspaint.exe
[2016/12/10 11:26:07 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataSenseHandlers.dll
[2016/12/10 11:26:07 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2016/12/10 11:26:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016/12/10 11:26:06 | 008,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/12/10 11:26:06 | 000,401,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2016/12/10 11:26:06 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2016/12/10 11:26:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2016/12/10 11:26:05 | 002,611,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2016/12/10 11:26:05 | 001,513,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/12/10 11:26:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2016/12/10 11:26:05 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2016/12/10 11:26:04 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/12/10 11:26:04 | 004,673,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2016/12/10 11:26:03 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/12/10 11:26:03 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/12/10 11:26:03 | 000,658,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/12/10 11:26:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2016/12/10 11:26:03 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2016/12/10 11:26:02 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/12/10 11:26:01 | 009,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/12/10 11:26:01 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2016/12/10 11:26:01 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2016/12/10 11:26:01 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2016/12/10 11:26:00 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2016/12/10 11:25:59 | 007,654,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/12/10 11:25:59 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2016/12/10 11:25:58 | 001,738,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2016/12/10 11:25:58 | 001,709,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/12/10 11:25:57 | 022,563,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/12/10 11:25:56 | 003,400,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2016/12/10 11:25:56 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2016/12/10 11:25:54 | 007,812,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/12/10 11:25:54 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/12/10 11:25:51 | 002,206,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2016/12/10 11:25:51 | 001,969,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll
[2016/12/10 11:25:50 | 003,441,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2016/12/10 11:25:50 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/12/10 11:25:50 | 000,455,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2016/12/10 11:25:50 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/12/10 11:25:49 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2016/12/10 11:25:49 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2016/12/10 11:25:49 | 000,489,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll
[2016/12/10 11:25:49 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/12/10 11:25:49 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupugc.exe
[2016/12/10 11:25:49 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2016/12/10 11:25:48 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2016/12/10 11:25:48 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2016/12/10 11:25:48 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll
[2016/12/10 11:25:48 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/12/10 11:25:48 | 000,167,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2016/12/10 11:25:48 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/12/10 11:25:48 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/12/10 11:25:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/12/10 11:25:47 | 001,196,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2016/12/10 11:25:47 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2016/12/10 11:25:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sendmail.dll
[2016/12/10 11:25:47 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2016/12/10 11:25:47 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpoext.dll
[2016/12/10 11:25:47 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetCfgNotifyObjectHost.exe
[2016/12/10 11:25:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CbtBackgroundManagerPolicy.dll
[2016/12/10 11:25:47 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2016/12/10 11:25:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetCfgNotifyObjectHost.exe
[2016/12/03 20:21:46 | 000,000,000 | ---D | C] -- C:\Users\Randy\Documents\MEGAsync Downloads
[2016/12/02 19:52:55 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Local\PAYDAY 2
[2016/11/25 21:00:09 | 000,000,000 | ---D | C] -- C:\Users\Randy\Desktop\Unreal Engine Project
[2016/11/25 20:58:48 | 000,000,000 | ---D | C] -- C:\Users\Randy\Documents\Unreal Projects
[2016/11/25 20:54:09 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Roaming\Unreal Engine
[2016/11/21 12:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016/11/21 12:42:20 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Local\UnrealEngineLauncher
[2016/11/21 12:42:14 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Local\EpicGamesLauncher
[2016/11/21 12:42:13 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Local\UnrealEngine
[2016/11/21 12:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Epic
[2016/11/21 12:41:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epic Games
[2016/11/18 19:22:46 | 000,000,000 | ---D | C] -- C:\Users\Randy\Desktop\Blender
[2016/11/15 21:09:54 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Local\CrashDumps
[2016/11/15 12:23:32 | 000,000,000 | ---D | C] -- C:\Users\Randy\AppData\Local\Chromium
[6 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[20 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/12/14 22:02:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/12/14 22:01:07 | 008,803,648 | ---- | M] (Piriform Ltd) -- C:\Users\Randy\Desktop\ccsetup525.exe
[2016/12/14 21:52:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Randy\Desktop\OTL.exe
[2016/12/14 21:41:52 | 000,001,499 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2016/12/14 12:15:38 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016/12/14 12:15:03 | 3402,924,032 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/14 12:15:01 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/12/13 19:02:06 | 000,001,163 | ---- | M] () -- C:\Users\Randy\Desktop\blender.lnk
[2016/12/12 04:03:20 | 040,125,496 | ---- | M] () -- C:\WINDOWS\SysNative\nvcompiler.dll
[2016/12/12 04:03:20 | 035,222,976 | ---- | M] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2016/12/12 04:03:20 | 034,710,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2016/12/12 04:03:20 | 028,201,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2016/12/12 04:03:20 | 010,912,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2016/12/12 04:03:20 | 010,803,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2016/12/12 04:03:20 | 010,353,960 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2016/12/12 04:03:20 | 009,158,616 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2016/12/12 04:03:20 | 008,913,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2016/12/12 04:03:20 | 008,761,560 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2016/12/12 04:03:20 | 003,934,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2016/12/12 04:03:20 | 003,474,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2016/12/12 04:03:20 | 002,950,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2016/12/12 04:03:20 | 002,587,704 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2016/12/12 04:03:20 | 001,953,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6437633.dll
[2016/12/12 04:03:20 | 001,586,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6437633.dll
[2016/12/12 04:03:20 | 001,038,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2016/12/12 04:03:20 | 000,974,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2016/12/12 04:03:20 | 000,942,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2016/12/12 04:03:20 | 000,894,400 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2016/12/12 04:03:20 | 000,802,768 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2016/12/12 04:03:20 | 000,683,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2016/12/12 04:03:20 | 000,643,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2016/12/12 04:03:20 | 000,572,888 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2016/12/12 04:03:20 | 000,438,208 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2016/12/12 04:03:20 | 000,394,888 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2016/12/12 04:03:20 | 000,388,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2016/12/12 04:03:20 | 000,327,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2016/12/12 04:03:20 | 000,042,286 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2016/12/11 19:47:50 | 000,001,951 | ---- | M] () -- C:\WINDOWS\NvContainerRecovery.bat
[2016/12/11 19:47:44 | 006,384,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2016/12/11 19:47:44 | 002,475,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2016/12/11 19:47:42 | 001,764,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2016/12/11 19:47:42 | 000,548,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2016/12/11 19:47:42 | 000,392,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2016/12/11 19:47:42 | 000,081,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2016/12/11 19:47:42 | 000,071,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2016/12/11 10:19:34 | 001,910,180 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/12/11 10:19:34 | 000,837,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/12/11 10:19:34 | 000,720,236 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2016/12/11 10:19:34 | 000,200,576 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/12/11 10:19:34 | 000,151,836 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2016/12/11 10:11:33 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/12/10 10:53:04 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/12/09 09:52:59 | 007,639,617 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2016/12/02 23:14:07 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/11/25 16:30:09 | 000,001,932 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2016/11/23 19:49:45 | 002,484,736 | ---- | M] () -- C:\Users\Randy\Desktop\ZHPDiag3.exe
[2016/11/23 19:46:42 | 001,353,216 | ---- | M] () -- C:\Users\Randy\Desktop\SFT.exe
[2016/11/21 12:47:01 | 000,002,610 | ---- | M] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2016/11/17 14:45:32 | 001,854,400 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2016/11/17 14:45:32 | 001,755,072 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspbridge64.dll
[2016/11/17 14:45:32 | 001,452,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2016/11/17 14:45:32 | 001,317,312 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspbridge.dll
[2016/11/17 14:45:32 | 000,120,256 | ---- | M] () -- C:\WINDOWS\SysNative\NvRtmpStreamer64.dll
[2016/11/17 14:45:29 | 000,101,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2016/11/17 14:45:29 | 000,046,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvad64v.sys
[2016/11/17 14:45:28 | 000,091,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2016/11/14 22:51:04 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[6 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[20 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/12/14 22:04:36 | 000,110,880 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2016/12/14 22:04:35 | 000,269,600 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2016/12/14 22:04:35 | 000,261,920 | ---- | C] () -- C:\WINDOWS\SysNative\vulkan-1.dll
[2016/12/14 22:04:35 | 000,125,216 | ---- | C] () -- C:\WINDOWS\SysNative\vulkaninfo.exe
[2016/12/14 22:02:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/12/14 21:56:51 | 040,125,496 | ---- | C] () -- C:\WINDOWS\SysNative\nvcompiler.dll
[2016/12/14 21:56:50 | 035,222,976 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2016/12/13 19:02:06 | 000,001,163 | ---- | C] () -- C:\Users\Randy\Desktop\blender.lnk
[2016/12/10 11:26:54 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/10 11:26:39 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/11/23 19:36:17 | 002,484,736 | ---- | C] () -- C:\Users\Randy\Desktop\ZHPDiag3.exe
[2016/11/23 19:35:44 | 001,353,216 | ---- | C] () -- C:\Users\Randy\Desktop\SFT.exe
[2016/11/21 12:41:20 | 000,002,622 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
[2016/11/21 12:41:20 | 000,002,610 | ---- | C] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2016/11/14 20:44:04 | 000,011,390 | ---- | C] () -- C:\Users\Randy\AppData\Local\recently-used.xbel
[2016/11/12 10:48:33 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2016/09/30 16:34:42 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016/09/09 19:25:58 | 000,269,600 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-26-0.dll
[2016/09/09 19:25:28 | 000,110,880 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-26-0.exe
[2016/08/24 11:06:47 | 001,690,724 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/08/24 10:59:32 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/07/16 12:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/07/16 12:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/07/16 12:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/07/16 12:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016/07/16 12:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 12:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/07/16 12:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016/07/16 12:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016/07/16 12:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/07/16 12:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/05/18 16:47:33 | 000,000,106 | ---- | C] () -- C:\WINDOWS\Sandbox.INI
[2016/05/02 16:26:57 | 000,000,098 | ---- | C] () -- C:\Users\Randy\AppData\Roaming\infos.properties
[2016/03/02 21:21:37 | 000,000,424 | ---- | C] () -- C:\Users\Randy\AppData\Local\UserProducts.xml
[2016/01/11 20:57:27 | 000,000,132 | ---- | C] () -- C:\Users\Randy\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2016/01/02 14:41:39 | 000,000,746 | ---- | C] () -- C:\Users\Randy\AppData\Roaming\jd-gui.cfg
[2015/04/21 18:20:38 | 000,250,368 | ---- | C] () -- C:\WINDOWS\SysWow64\DeviceCount.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2016/10/03 15:38:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/11/11 11:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 08:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 12:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 12:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 12:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2016/12/14 21:41:04 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\.minecraft
[2016/04/20 13:15:32 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Adobe
[2016/03/04 18:52:16 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Autodesk
[2015/12/25 13:28:00 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\AVAST Software
[2016/01/09 14:32:26 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\BANDISOFT
[2015/12/26 19:29:46 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Blender Foundation
[2016/07/10 09:55:44 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\BrawlhallaAir
[2016/10/18 16:09:36 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Canon
[2016/10/08 12:24:49 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\com.playa-games.sfgame
[2016/05/18 16:44:11 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Crytek
[2016/10/02 13:13:51 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Curse
[2016/11/13 10:54:31 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\discord
[2016/10/04 22:33:48 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\DVDVideoSoft
[2016/10/02 13:22:01 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\ftblauncher
[2015/12/25 11:50:36 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Intel
[2015/12/25 11:57:14 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Intel Corporation
[2016/05/11 17:44:03 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\IsolatedStorage
[2015/12/25 13:16:12 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\java
[2016/02/03 15:16:55 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\LolClient
[2015/12/25 18:59:26 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Macromedia
[2016/08/24 11:29:08 | 000,000,000 | --SD | M] -- C:\Users\Randy\AppData\Roaming\Microsoft
[2016/02/10 18:29:45 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Mozilla
[2016/12/14 16:00:33 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Notepad++
[2016/05/11 20:30:41 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\NuGet
[2016/01/14 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\NVIDIA
[2016/10/29 22:47:57 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Riot Games
[2016/12/14 21:54:08 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Skype
[2016/04/23 21:07:42 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\SmartSteamEmu
[2015/12/26 17:07:32 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Sun
[2016/10/06 19:46:17 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\TeamViewer
[2016/01/09 16:09:18 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\TechSmith
[2016/12/13 17:58:06 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\TS3Client
[2016/11/25 20:54:09 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\Unreal Engine
[2016/07/22 23:08:49 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\uTorrent
[2015/12/25 19:33:56 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\WinRAR
[2016/11/25 16:30:24 | 000,000,000 | ---D | M] -- C:\Users\Randy\AppData\Roaming\ZHP

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2016/10/19 18:42:02 | 035,167,920 | ---- | M] (GOG.com ) -- C:\Users\Randy\AppData\Roaming\Skype\My Skype Received Files\setup_titan_quest_anniversary_edition_2.2.0.4.exe
[2016/05/13 19:25:15 | 002,530,304 | ---- | M] (BitTorrent Inc.) -- C:\Users\Randy\AppData\Roaming\uTorrent\uTorrent.exe
[2016/05/13 19:25:15 | 002,530,304 | ---- | M] (BitTorrent Inc.) -- C:\Users\Randy\AppData\Roaming\uTorrent\updates\3.4.7_42330.exe
[2016/05/13 19:25:16 | 000,387,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\Randy\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
[2016/11/07 23:17:21 | 002,486,272 | ---- | M] () -- C:\Users\Randy\AppData\Roaming\ZHP\ZHPCleaner.exe
[2016/11/23 19:49:45 | 002,484,736 | ---- | M] () -- C:\Users\Randy\AppData\Roaming\ZHP\ZHPDiag3.exe
[2016/07/11 13:46:40 | 000,225,944 | ---- | M] () -- C:\Users\Randy\AppData\Roaming\ZHP\Quarantine\Lightshot.exe
[2014/11/28 13:29:10 | 000,105,728 | ---- | M] () -- C:\Users\Randy\AppData\Roaming\ZHP\Quarantine\Updater.exe
[36 C:\Users\Randy\AppData\Roaming\ZHP\Quarantine\*.tmp files -> C:\Users\Randy\AppData\Roaming\ZHP\Quarantine\*.tmp -> ]
[2016/08/06 20:57:34 | 001,548,440 | ---- | M] () -- C:\Users\Randy\AppData\Roaming\ZHP\Quarantine\Skillbrains.DIR\lightshot\unins000.exe
[2016/07/11 13:46:34 | 000,483,992 | ---- | M] (Skillbrains) -- C:\Users\Randy\AppData\Roaming\ZHP\Quarantine\Skillbrains.DIR\lightshot\5.4.0.1\Lightshot.exe
[2014/11/28 13:29:10 | 000,573,696 | ---- | M] () -- C:\Users\Randy\AppData\Roaming\ZHP\Quarantine\Skillbrains.DIR\Updater\1.7.2.5\Updater.exe

[color=#A23BEC]< %temp%\*.exe /s >[/color]
[2014/07/31 17:54:38 | 000,015,752 | ---- | M] (Autodesk, Inc.) -- C:\Users\Randy\AppData\Local\Temp\AcDeltree.exe
[27 C:\Users\Randy\AppData\Local\Temp\*.tmp files -> C:\Users\Randy\AppData\Local\Temp\*.tmp -> ]
[2015/01/26 17:34:42 | 001,003,912 | ---- | M] (Autodesk, Inc.) -- C:\Users\Randy\AppData\Local\Temp\_AI16B1.tmp\Setup.exe
[2015/01/26 17:34:40 | 000,015,752 | ---- | M] (Autodesk, Inc.) -- C:\Users\Randy\AppData\Local\Temp\_AI16B1.tmp\Setup\AcDelTree.exe
[2013/11/22 04:30:12 | 003,009,352 | ---- | M] (Autodesk, Inc.) -- C:\Users\Randy\AppData\Local\Temp\_AI16B1.tmp\Setup\senddmp.exe
[2016/01/09 14:32:17 | 000,119,087 | ---- | M] (Bandisoft) -- C:\Users\Randy\AppData\Local\Temp\~nsu.tmp\Au_.exe
[2016/09/09 19:28:40 | 000,411,912 | ---- | M] () -- C:\Users\Randy\AppData\Local\Temp\~nsuA.tmp\Au_.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\consrv.dll >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %windir%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2016/11/02 11:59:45 | 004,673,304 | ---- | M] (Microsoft Corporation) MD5=43BF96FCF50945BE35C22206980C9068 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.447_none_8b8ea88b17a50c73\explorer.exe
[2016/11/11 10:56:12 | 004,673,304 | ---- | M] (Microsoft Corporation) MD5=4E10FB1A015B49AC68F76C1A3F4D9C0F -- C:\Windows\explorer.exe
[2016/11/11 10:56:12 | 004,673,304 | ---- | M] (Microsoft Corporation) MD5=4E10FB1A015B49AC68F76C1A3F4D9C0F -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.479_none_8b70395b17bb92f4\explorer.exe
[2016/11/11 19:53:12 | 000,131,541 | ---- | M] () MD5=59A8CA09DF8032E09B6393AA50B67112 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.0_none_7f29128d906f1326\explorer.exe
[2016/11/11 08:41:45 | 004,311,736 | ---- | M] (Microsoft Corporation) MD5=AF46710DDB8B0E304AA4FD2B940CABD8 -- C:\Windows\SysWOW64\explorer.exe
[2016/11/11 08:41:45 | 004,311,736 | ---- | M] (Microsoft Corporation) MD5=AF46710DDB8B0E304AA4FD2B940CABD8 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.479_none_95c4e3ad4c1c54ef\explorer.exe
[2016/11/02 12:04:36 | 004,312,248 | ---- | M] (Microsoft Corporation) MD5=C29554D34BC2B4DFBC4C5C761F786179 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.447_none_95e352dd4c05ce6e\explorer.exe
[2016/11/11 20:02:02 | 000,094,879 | ---- | M] () MD5=E0A9D57909310D9FAC02B60EF661E3AF -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.0_none_897dbcdfc4cfd521\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2016/07/16 12:42:27 | 000,454,600 | ---- | M] (Microsoft Corporation) MD5=133390D061D94917125DC666DA67ECD0 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_10.0.14393.0_none_6c8d30ea1355e3dc\services.exe
[2016/11/11 10:51:14 | 000,454,592 | ---- | M] (Microsoft Corporation) MD5=3C69CC28665854F1AAB4B4005005FA31 -- C:\WINDOWS\SysNative\services.exe
[2016/11/11 10:51:14 | 000,454,592 | ---- | M] (Microsoft Corporation) MD5=3C69CC28665854F1AAB4B4005005FA31 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_10.0.14393.479_none_78d457b79aa263aa\services.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2016/07/16 12:42:27 | 000,304,240 | ---- | M] (Microsoft Corporation) MD5=99A19C9A74E2F9820E501DCE77F84F70 -- C:\WINDOWS\SysNative\wininit.exe
[2016/07/16 12:42:27 | 000,304,240 | ---- | M] (Microsoft Corporation) MD5=99A19C9A74E2F9820E501DCE77F84F70 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.14393.0_none_5e67244a1b034b09\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2016/11/07 17:32:23 | 000,044,531 | ---- | M] () MD5=0653215B4AAF91CF63A71B9E300CE4CE -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.0_none_9d376c91eba4205c\winlogon.exe
[2016/10/15 04:36:59 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=D243745884BCBC21E91AB569A0AD514E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.351_none_a98c2f0172e7a069\winlogon.exe
[2016/11/11 10:05:00 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=DE6DF9BBBECAFDEF462A37D839167368 -- C:\WINDOWS\SysNative\winlogon.exe
[2016/11/11 10:05:00 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=DE6DF9BBBECAFDEF462A37D839167368 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.479_none_a97e935f72f0a02a\winlogon.exe
[2016/03/10 14:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet \Services\lanmanserver\parameters /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\AppCertDlls /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >[/color]
"Default" = %SystemDrive%\Users\Default -- [2016/08/24 11:37:43 | 000,000,000 | RH-D | M]
"ProfilesDirectory" = %SystemDrive%\Users -- [2016/08/24 11:12:33 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2016/12/14 17:47:15 | 000,000,000 | -H-D | M]
"Public" = %SystemDrive%\Users\Public -- [2016/11/06 21:00:34 | 000,000,000 | R--D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2016/08/24 11:26:37 | 000,000,000 | ---D | M]
"RefCount" = 1
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\WINDOWS\ServiceProfiles\LocalService -- [2016/08/24 10:58:57 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\WINDOWS\ServiceProfiles\NetworkService -- [2016/08/24 11:12:47 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3939544326-3822232667-1587598136-1001]
"ProfileImagePath" = C:\Users\Randy -- [2016/12/14 12:17:25 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 06 AD D0 EA 5B A4 D2 E3 38 D3 A0 5E E9 03 00 00 [binary data]
"Migrated" = 70 05 47 5A EF FD D1 01 [binary data]
"ProfileAttemptedProfileDownloadTimeLow" = 0
"ProfileAttemptedProfileDownloadTimeHigh" = 0
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 12
"RunLogonScriptSync" = 0

[color=#A23BEC]< HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur : box
Address: 192.168.1.1

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2016/07/16 12:43:06 | 000,825,024 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2016/07/16 12:43:06 | 000,825,024 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\InstallInfo\\ShowIconsCommand: "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --showicons [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\InstallInfo\\HideIconsCommand: "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --hideicons [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\InstallInfo\\ReinstallCommand: "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\shell\open\command\\: "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2016/11/08 21:29:28 | 000,921,192 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2016/09/07 05:56:31 | 000,223,744 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2016/09/07 05:56:31 | 000,223,744 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2016/09/07 05:56:31 | 000,223,744 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2016/07/16 12:43:06 | 000,825,024 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2016/07/16 12:43:06 | 000,825,024 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES\AVAST SOFTWARE\SZBROWSER\LAUNCHER.EXE" --SHOWICONS [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES\AVAST SOFTWARE\SZBROWSER\LAUNCHER.EXE" --HIDEICONS [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES\AVAST SOFTWARE\SZBROWSER\LAUNCHER.EXE" --MAKEDEFAULTBROWSER [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SafeZoneStable\shell\open\command\\: "C:\PROGRAM FILES\AVAST SOFTWARE\SZBROWSER\LAUNCHER.EXE" [2016/09/06 12:01:51 | 000,783,320 | ---- | M] (Avast Software)

[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\WINDOWS\RE_DRIVE\Mount] -> Volume{a1aee8d0-55a7-4905-93e1-97f1edc5b99e}\ -> Mount Point

< End of report >

Signaler le contenu de ce document