¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ QuickDiag | g3n-h@ckm@n | 2_22.06.2016.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ¤¤¤¤¤ - Start 23/06/2016 00:47:08 Updated 22/06/2016 | 22.30 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Nosferoth (Administrator)] - [NOSFEROTH-PC] SID = S-1-5-21-2214036511-2365878364-1413446509-1000 System : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1 PC : ASUSTeK COMPUTER INC. - B85-PRO GAMER - All Processor : X64 - 3500 Mhz - Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Bios : American Megatrends Inc. - 08/19/2014 - V.2103 BIOS Date: 08/19/14 10:46:43 Ver: 21.03 - fr|FR|iso8859-1 - American Megatrends Inc. Bios : System Serial Number - 2103 - ALASKA - 1072009 Boot : Normal boot Boot : Microsoft Windows 7 Édition Intégrale |C:\Windows|\Device\Harddisk0\Partition2 CoreTemp : 29.8° C - Max : 105° C ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:100 % CPU #4 value:0 % Total Overall CPU Usage value:25 % ---------- | Network isatap.{7B14672F-F8B8-4158-915B-F1DFC0F6FBD4} : SENT:0 bytes/sec / RECVD:0 bytes/sec SEND Maxium:25 bytes/sec, / RECEIVE Maximum:0 bytes/sec WAN Miniport (SSTP) - - Microsoft - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - PnPID : ROOT\MS_NDISWANBH\0000 Intel(R) Ethernet Connection I217-V - Ethernet 802.3 - Intel - PnPID : PCI\VEN_8086&DEV_153B&SUBSYS_859F1043&REV_05\3&11583659&0&C8 WAN Miniport (IP) - - Microsoft - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - PnPID : ROOT\*ISATAP\0000 RAS Async Adapter - - - PnPID : ----------> Extended ¤¤¤¤¤¤¤¤¤¤ | Memory RAM = Total (MB) : 8325 | Free (MB) : 3939 Pagefile = Total (MB) : 16648 | Free (MB) : 11596 Virtual = Total (MB) : 4194 | Free (MB) : 4040 Physical Memory 1 : Capacity: 4294967296 - ChannelA-DIMM1 - Posit.: - Manufacturer: 0215 - PartNumber: CML8GX3M2A1600C9 - S/N: 00000000 Physical Memory 3 : Capacity: 4294967296 - ChannelB-DIMM1 - Posit.: - Manufacturer: 0215 - PartNumber: CML8GX3M2A1600C9 - S/N: 00000000 ¤¤¤¤¤¤¤¤¤¤ | SID Users Administrateur : [S-1-5-21-2214036511-2365878364-1413446509-500] HomeGroupUser$ : [S-1-5-21-2214036511-2365878364-1413446509-1002] Invité : [S-1-5-21-2214036511-2365878364-1413446509-501] Nosferoth : [S-1-5-21-2214036511-2365878364-1413446509-1000] Administrateurs : [S-1-5-32-544] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-2214036511-2365878364-1413446509-1001] ¤¤¤¤¤¤¤¤¤¤ | Drives C:\ -> [Fixed] | [] | Total : 1862.92 Go | Free : 1810.42 Go -> NTFS [SATA] Disk Usage Information [2 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:227,899 bytes/sec Max Read:0 bytes/sec, Max Write:227,899 bytes/sec Physical Drive #\ [NOSFEROTH-PC\Disque, physique(1)\Écritures, disque,, octets/s] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:227,899 bytes/sec DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 0 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD1001FALS-00J7B\4&E937C7&0&050000 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 2 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD20EARS-00J2GB0\4&E937C7&0&040000 ¤¤¤¤¤¤¤¤¤¤ | Windows updates Last detection : 2016-06-21 22:28:50 Downloaded last ones : 2016-06-22 01:09:38 Installed last ones : 2016-06-22 01:08:11 Next search : 2016-06-22 21:41:40 Microsoft : + Windows Is NOT Activated ¤¤¤¤¤¤¤¤¤¤ | Browsers IE : 8.0.7601.17514 (© Microsoft Corporation. Tous droits réservés.) FF : 47.0.0.5999 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ¤¤¤¤¤¤¤¤¤¤ | FlashPlayer ¤¤¤¤¤¤¤¤¤¤ | Security AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 22/06/2016 01:47:17] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ | Running processes 376 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7600.16385) = C:\Windows\System32\smss.exe CPU Usage:0 % 652 | [Owner : | Parent : 568() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe CPU Usage:0 % 688 | [Owner : | Parent : 636() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe CPU Usage:0 % 748 | [Owner : | Parent : 652(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7600.16385) = C:\Windows\System32\services.exe CPU Usage:0 % 756 | [Owner : | Parent : 652(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7600.16385) = C:\Windows\System32\lsass.exe CPU Usage:0 % 764 | [Owner : | Parent : 652(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe CPU Usage:0 % 876 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 952 | [Owner : | Parent : 748(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 368.39.) - (8.17.13.6839) = C:\Windows\System32\nvvsvc.exe CPU Usage:0 % 976 | [Owner : | Parent : 748(services.exe) | ?????] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.6839) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe CPU Usage:0 % 1008 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 572 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1004 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1044 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:25 % 1184 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1280 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1372 | [Owner : | Parent : 748(services.exe) | ?????] - (.AVAST Software - avast! Service.) - (11.2.2738.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe CPU Usage:0 % 1412 | [Owner : | Parent : 952(nvvsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.6839) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe CPU Usage:0 % 1544 | [Owner : Nosferoth | Parent : 1004(svchost.exe) | 36.04 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe CPU Usage:0 % 1552 | [Owner : Nosferoth | Parent : 1536() | 50.26 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17514) = C:\Windows\explorer.exe CPU Usage:0 % 1848 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe CPU Usage:0 % 1856 | [Owner : Nosferoth | Parent : 748(services.exe) | 7.41 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe CPU Usage:0 % 1916 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1072 | [Owner : | Parent : 748(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.18.4103) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe CPU Usage:0 % 1272 | [Owner : | Parent : 748(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe CPU Usage:0 % 1348 | [Owner : Nosferoth | Parent : 1044(svchost.exe) | 6.1 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe CPU Usage:0 % 1484 | [Owner : | Parent : 748(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Windows\SysWOW64\ASGT.exe CPU Usage:0 % 1088 | [Owner : Nosferoth | Parent : 1348(taskeng.exe) | 0.53 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe CPU Usage:0 % 2016 | [Owner : Nosferoth | Parent : 1348(taskeng.exe) | 1.47 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe CPU Usage:0 % 2040 | [Owner : | Parent : 748(services.exe) | ?????] - (.ASUSTeK Computer Inc. -.) - (0.1.0.19) = C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe CPU Usage:0 % 2052 | [Owner : Nosferoth | Parent : 1348(taskeng.exe) | 0.94 Mo] - (.ASUSTeK Computer Inc. -.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe CPU Usage:0 % 2124 | [Owner : | Parent : 748(services.exe) | ?????] - (.ASUSTeK Computer Inc. - ASUS Motherboard Fan Control Service.) - (1.0.1.4) = C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.11\AsusFanControlService.exe CPU Usage:0 % 2136 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 10.61 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.350) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe CPU Usage:0 % 2180 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 10.38 Mo] - (.cFos Software GmbH - cFosSpeed Window.) - (9.5.2096.0) = C:\Program Files\ASUS\ROG GameFirst II\cfosspeed.exe CPU Usage:0 % 2188 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 22.66 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.16.5.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe CPU Usage:0 % 2456 | [Owner : Nosferoth | Parent : 1412(nvxdsync.exe) | 11.95 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.6839) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe CPU Usage:0 % 2508 | [Owner : | Parent : 748(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.11.3.5) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe CPU Usage:0 % 2576 | [Owner : | Parent : 748(services.exe) | ?????] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe CPU Usage:0 % 2612 | [Owner : | Parent : 748(services.exe) | ?????] - (.Intel Corporation - Intel® PROSet Monitoring Service.) - (18.7.2.0) = C:\Windows\System32\IPROSetMonitor.exe CPU Usage:0 % 2680 | [Owner : | Parent : 748(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.13.69) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe CPU Usage:0 % 2856 | [Owner : | Parent : 748(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (7.1.2071.1338) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe CPU Usage:0 % 2876 | [Owner : Nosferoth | Parent : 2748() | 6.06 Mo] - (.WinZip Computing, S.L. - File Association Helper.) - (2.5.12109.0) = C:\Program Files\WinZip\FAHWindow64.exe CPU Usage:0 % 2904 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 11.53 Mo] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (5.5.0.387) = C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe CPU Usage:0 % 3068 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 8.82 Mo] - (.WinZip Computing, S.L. - Notification de Mises à jour WinZip.) - (2.0.12109.0) = C:\Program Files\WinZip\WZUpdateNotifier.exe CPU Usage:0 % 424 | [Owner : Nosferoth | Parent : 2468() | 5.26 Mo] - (.Intel Corporation - iusb3mon.) - (2.5.0.19) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe CPU Usage:0 % 2380 | [Owner : Nosferoth | Parent : 2468() | 5.97 Mo] - (.ASUSTek Computer Inc. - AiChargerAP MFC Application.) - (2.0.0.0) = C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe CPU Usage:0 % 2452 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 13.05 Mo] - (.WinZip Computing, S.L. - WinZip Preloader.) - (20.5.12119.0) = C:\Program Files\WinZip\WzPreloader.exe CPU Usage:0 % 2504 | [Owner : Nosferoth | Parent : 2468() | 9.04 Mo] - (.AVAST Software - avast! Antivirus.) - (11.2.2738.16) = C:\Program Files\AVAST Software\Avast\avastui.exe CPU Usage:0 % 3720 | [Owner : Nosferoth | Parent : 2060() | 0.53 Mo] - (.ASUSTeK Computer Inc. - USB 3.0 Boost Service.) - (1.0.1.3) = C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe CPU Usage:0 % 3824 | [Owner : Nosferoth | Parent : 876(svchost.exe) | 6.03 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe CPU Usage:0 % 4036 | [Owner : Nosferoth | Parent : 2172(SearchIndexer.exe) | 31.35 Mo] - (.Intel Corporation - IAStorIcon.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe CPU Usage:0 % 2204 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2172 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe CPU Usage:0 % 4192 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 4612 | [Owner : | Parent : 748(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (7.1.2071.1338) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe CPU Usage:0 % 5096 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe CPU Usage:0 % 4040 | [Owner : | Parent : 2856(NvStreamService.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) - (7.1.2071.1338) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe CPU Usage:0 % 1644 | [Owner : | Parent : 644(csrss.exe) | ?????] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.17514) = C:\Windows\System32\conhost.exe CPU Usage:0 % 4524 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1720 | [Owner : Nosferoth | Parent : 2052(AISuite3.exe) | 1.03 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe CPU Usage:0 % 4100 | [Owner : | Parent : 748(services.exe) | ?????] - (.Intel Corporation - IAStorDataSvc.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe CPU Usage:0 % 1692 | [Owner : | Parent : 748(services.exe) | ?????] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe CPU Usage:0 % 1308 | [Owner : | Parent : 748(services.exe) | ?????] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe CPU Usage:0 % 384 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe CPU Usage:0 % 2076 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 4372 | [Owner : | Parent : 748(services.exe) | ?????] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe CPU Usage:0 % 5024 | [Owner : Nosferoth | Parent : 1044(svchost.exe) | 6.58 Mo] - (.Microsoft Corporation - Windows Update.) - (7.6.7600.320) = C:\Windows\System32\wuauclt.exe CPU Usage:0 % 6060 | [Owner : Nosferoth | Parent : 748(services.exe) | 8.9 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe CPU Usage:0 % 3236 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 217.2 Mo] - (.Mozilla Corporation - Firefox.) - (47.0.0.5999) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe CPU Usage:0 % 992 | [Owner : | Parent : 572(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe CPU Usage:0 % 6008 | [Owner : Nosferoth | Parent : 1552(explorer.exe) | 21.42 Mo] - (.SosVirus - QuickDiag.) - (22.6.2016.1) = C:\Users\Nosferoth\Desktop\quickdiag_2_22.06.2016.1.exe CPU Usage:0 % ¤¤¤¤¤¤¤¤¤¤ | MD5 [MD5.AC4C51EB24AA95B77F705AB159189E24] - [22/06/2016 01:31:20] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2805 Ko] - (6.1.7601.17514) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [22/06/2016 01:30:54] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.7A6326D96D53048FDEC542DF23D875A0] - [22/06/2016 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1134 Ko] - (6.1.7601.17514) : C:\Windows\System32\Kernel32.dll [MD5.0793F40B9B8A1BDD266296409DBD91EA] - [14/07/2009 01:20:54] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\lsass.exe [MD5.5C627D1B1138676C0A7AB2C2C190D123] - [22/06/2016 01:31:10] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.17514) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.24ACB7E5BE595468E3B9AA488B9B4FCB] - [14/07/2009 01:19:46] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7600.16385) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.FE70103391A64039A921DBFFF9C7AB1B] - [22/06/2016 01:31:08] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [984.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [22/06/2016 01:30:07] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [22/06/2016 01:30:59] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [381.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Winlogon.exe [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - [22/06/2016 01:31:11] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.A34FE1E025E88798E746F484956C0720] - [22/06/2016 01:30:07] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [22/06/2016 01:29:23] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [22/06/2016 01:29:28] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [22/06/2016 01:29:23] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.FAF015B07E3A2874A790A39B7D2C579F] - [22/06/2016 01:30:40] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [154.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.79B47FD40D9A817E932F9D26FAC0A81C] - [22/06/2016 01:31:12] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [929.38 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ndis.sys [MD5.09594D1089C523423B32A4229263F068] - [22/06/2016 01:31:04] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\netbt.sys [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - [22/06/2016 01:31:21] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1620.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [22/06/2016 01:30:39] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.1B6163C503398B23FF8B939C67747683] - [22/06/2016 01:30:06] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [162 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rdpdr.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.509383E505C973ED7534A06B3D19688D] - [22/06/2016 01:31:27] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1879.38 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\tcpip.sys [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [22/06/2016 01:31:04] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\tdx.sys [MD5.DF8126BD41180351A093A3AD2FC8903B] - [19/06/2016 19:08:33] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [289.38 Ko] - (6.1.7601.17567) : C:\Windows\System32\Drivers\volsnap.sys ¤¤¤¤¤¤¤¤¤¤ | Locked Applications ¤¤¤¤¤¤¤¤¤¤ | Explorer.exe component call (Microsoft Files Whitelisted) (.AVAST Software.-.avast! Shell Extension.) - (11.2.2738.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (.WinZip Computing, S.L..-.File Association Helper.) - (2.5.12109.0) -- C:\Program Files\WinZip\FAHDll64.dll (.Disc Soft Ltd.-.DAEMON Tools Pro.) - (5.5.0.387) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll (.WinZip Computing, S.L..-.WinZip Shell Extension DLL.) - (4.1.0.0) -- C:\Program Files\WinZip\wzshls64.dll ¤¤¤¤¤¤¤¤¤¤ | Svchost.exe component call (Microsoft Files Whitelisted) ¤¤¤¤¤¤¤¤¤¤ | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ¤¤¤¤¤¤¤¤¤¤ | Startings up [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 [HKU\S-1-5-18\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 01:54:49] [HKU\S-1-5-20\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 01:54:49] [HKU\S-1-5-19\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 "ROG GameFirst II"=C:\Program Files\ASUS\ROG GameFirst II\cFosSpeed.exe [19/06/2016 20:42:33] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "ASUS Ai Charger"=C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [19/06/2016 20:15:16] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ¤¤¤¤¤¤¤¤¤¤ | Startings up registry ¦ Folder ¤¤¤¤¤¤¤¤¤¤ | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=bead0651-6ddb-444d-8b31-cf0d164 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=12000 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=756 "SecureBoot"=1 "ProductType"=1 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ¤¤¤¤¤¤¤¤¤¤ | .LNK C:\Users\Nosferoth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk (/prefetch:1) C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( -extoff) C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk (/showgadgets) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\Uninstall AI Suite 3.lnk (-u) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ROG GameFirst II\Désinstaller ROG GameFirst II.lnk (-uninstall) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk (/show) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk (/disable) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk (/enable) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk () P1�HE�WinZip:��H;��HE�*�AWinZipf2ئ�H@� FAHCON~1.EXEJワH@��HC�* C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk () P1�HE�WinZip:��H;��HE�*�AWinZipr2�^�H@�!WZUPDA~1.EXEVワH@��HC�* C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk () P1�HE�WinZip:��H;��HE�*�AWinZiph2h�H@�!WZPREL~1.EXELワH@��HC�* ¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs ¤¤¤¤¤¤¤¤¤¤ | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ¤¤¤¤¤¤¤¤¤¤ | Policies | Registry [HKU\S-1-5-18\Control Panel\Desktop] "DragFullWindows"=1 "FontSmoothing"=2 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "UserPreferencesMask"=0x9E3E038012000000 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [19/06/2016 19:05:22] "Pattern Upgrade"=TRUE [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 [HKU\S-1-5-20\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKU\S-1-5-19\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "SoftwareSASGeneration"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=13 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "SoftwareSASGeneration"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=14 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ¤¤¤¤¤¤¤¤¤¤ | Winlogon [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile ¤¤¤¤¤¤¤¤¤¤ | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files (x86)\Internet Explorer\iexplore.exe [22/06/2016 01:30:07] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files (x86)\Internet Explorer\iexplore.exe [22/06/2016 01:30:07] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ¤¤¤¤¤¤¤¤¤¤ | AppcompatFlags [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=3C29DD0 .\Bin\ASSETUP.exe"=1 "D:\Drivers\Audio\Driver\Setup.exe"=1 "SIGN.MEDIA=40BC8D80 Setup.exe"=1 "SIGN.MEDIA=1ECE030 CheckID.exe"=1 "C:\Users\Nosferoth\Desktop\Bureau\Téléchargement\SteamSetup.exe"=1 "C:\Users\Nosferoth\Desktop\Bureau\Téléchargement\avast_free_antivirus_setup_online.exe"=1 "C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe"=1 "C:\Users\Nosferoth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6RD4M14I\Firefox%20Setup%20Stub%2047.0[1].exe"=1 "C:\Users\Nosferoth\Desktop\Bureau\Téléchargement\mbam-setup-2.2.0.1024.exe"=1 "C:\Users\Nosferoth\Downloads\ZHPFix.exe"=1 "C:\Program Files (x86)\ZHPFix\ZHPhep.exe"=1 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ¤¤¤¤¤¤¤¤¤¤ | IFEO ¤¤¤¤¤¤¤¤¤¤ | Mountpoints2 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{8f4e6a74-363e-11e6-90d3-806e6f6e6963}] : D:\.\Bin\ASSETUP.exe (AutoRun) ¤¤¤¤¤¤¤¤¤¤ | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ¤¤¤¤¤¤¤¤¤¤ | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x39A082B64BCAD101 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ¤¤¤¤¤¤¤¤¤¤ | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ¤¤¤¤¤¤¤¤¤¤ | Winsock (Whitelist) ¤¤¤¤¤¤¤¤¤¤ | Hosts ¤¤¤¤¤¤¤¤¤¤ | @ [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main] "Enable Browser Extensions"=yes [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnableNegotiate"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0xB6A118893F04CA01 "ProxyEnable"=0 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2700000027000000D7040000CA020000 "Start Page Redirect Cache"=http://www.msn.com/fr-fr/?ocid=iehp "Start Page Redirect Cache_TIMESTAMP"=0xD879094B4DCBD101 "Start Page Redirect Cache AcceptLangs"=fr "IE8RunOnceLastShown"=1 "IE8RunOnceLastShown_TIMESTAMP"=0xE3317F4C4DCBD101 "IE8TourShown"=1 "IE8TourShownTime"=0x385E4F4E4DCBD101 "NotifyDownloadComplete"=yes [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=160 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x85660FC34CCAD101 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "EnableNegotiate"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "Tabs"=res://ieframe.dll/tabswelcome.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "Tabs"=res://ieframe.dll/tabswelcome.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ¤¤¤¤¤¤¤¤¤¤ | reparsepoint ¤¤¤¤¤¤¤¤¤¤ | Detection of offsets ¤¤¤¤¤¤¤¤¤¤ | Notify ¤¤¤¤¤¤¤¤¤¤ | SSODL | SEH | URLSH | STS ¤¤¤¤¤¤¤¤¤¤ | Toolbar [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=0xB1C218236549D4119B18009027A5CD4F "ITBar7Layout"=0x13000000000000000000000030000000100001001F00000001000000000700005E010000060000000101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000B1C218236549D4119B18009027A5CD4F0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=31 [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "DownloadRetries"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} ¤¤¤¤¤¤¤¤¤¤ | Extensions ¤¤¤¤¤¤¤¤¤¤ | SearchScopes [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC : [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : ¤¤¤¤¤¤¤¤¤¤ | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] - (C:\Program Files\Internet Explorer) - iexplore.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00AB3925-B470-4264-B354-03E373074F23}] - (C:\Program Files\AVAST Software\Avast) - aswWrcIELoader32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] - (C:\Windows\System32) - winfxdocobj.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\System32) - msdt.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A972DAF-A7EC-4ce3-B6C9-7B523CD6685F}] - (C:\Program Files (x86)\Google\Google Toolbar) - GoogleToolbarUser_32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\system32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197EE5}] - (C:\Program Files (x86)\Google\GoogleToolbarNotifier) - GoogleToolbarNotifier.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B020FD-E04B-4e67-B65A-E7DEED25B2CF}] - (%SystemRoot%\System32) - wisptis.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (c:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (c:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE0B94B9-335F-4d2c-8B43-DACCD1EA6FF1}] - (C:\Program Files (x86)\Google\Google Toolbar) - GoogleToolbarUser_64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] - (C:\Program Files (x86)\Internet Explorer) - iexplore.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00AB3925-B470-4264-B354-03E373074F23}] - (C:\Program Files\AVAST Software\Avast) - aswWrcIELoader32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] - (C:\Windows\SysWOW64) - winfxdocobj.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\SysWOW64) - msdt.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] - (C:\Program Files (x86)\Adobe\Reader 10.0\Reader\) - AcroBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A972DAF-A7EC-4ce3-B6C9-7B523CD6685F}] - (C:\Program Files (x86)\Google\Google Toolbar) - GoogleToolbarUser_32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] - (C:\Program Files (x86)\Adobe\Reader 10.0\Reader) - AcroRd32Info.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197EE5}] - (C:\Program Files (x86)\Google\GoogleToolbarNotifier) - GoogleToolbarNotifier.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] - (C:\Program Files (x86)\Adobe\Reader 10.0\Reader) - AdobeCollabSync.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] - (C:\Program Files (x86)\Adobe\Reader 10.0\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Program Files (x86)\Google\Update\1.3.30.3) - GoogleUpdateBroker.exe : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Program Files (x86)\Google\Update\1.3.30.3) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (c:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (c:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6E51F7A-27CE-4ba0-9951-4912E40EF4A3}] - (C:\Program Files (x86)\Adobe\Reader 10.0\Reader) - arh.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE0B94B9-335F-4d2c-8B43-DACCD1EA6FF1}] - (C:\Program Files (x86)\Google\Google Toolbar) - GoogleToolbarUser_64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ¤¤¤¤¤¤¤¤¤¤ | Ext\Settings [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}] : : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}] : : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4D91-8333-CF10577473F7}] : : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] : : ¤¤¤¤¤¤¤¤¤¤ | Ext\Stats [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}] : : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}] : : C:\Windows\SysWOW64\mshtml.dll [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}] : : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}] : : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{102AC6CF-0B45-4471-B90B-23439C3C52BA}] : : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\IntelWebAPIIPTActiveX.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] : : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] : : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll ¤¤¤¤¤¤¤¤¤¤ | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/06/2016 00:07:12] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [20/06/2016 00:12:44] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/06/2016 00:07:12] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [20/06/2016 00:12:44] ¤¤¤¤¤¤¤¤¤¤ | Chrome ¤¤¤¤¤¤¤¤¤¤ | Opera ¤¤¤¤¤¤¤¤¤¤ | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Users\Nosferoth\AppData\Roaming\Mozilla\Firefox\Profiles\y2rkz1q1.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160604131506"); user_pref("browser.startup.homepage_override.mstone", "47.0"); user_pref("extensions.blocklist.pingCountTotal", 3); user_pref("extensions.blocklist.pingCountVersion", 3); user_pref("extensions.bootstrappedAddons", "{\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"loop@mozilla.org\":{\"version\":\"1.3.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1466553339); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "47.0"); user_pref("extensions.lastPlatformVersion", "47.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1465096182048},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1465096182097},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3.2\",\"st\":1465096182256}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0\",\"st\":1465096182047}},\"winreg-app-global\":{\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":false,\"v\":\"10.3.3.44\",\"st\":1466374034062,\"mt\":1466374032202}}}"); ¤¤¤¤¤¤¤¤¤¤ | Active Connections TCP 127.0.0.1:49156 Nosferoth-PC:49157 ESTABLISHED 1372 TCP 127.0.0.1:49157 Nosferoth-PC:49156 ESTABLISHED 1372 TCP 127.0.0.1:49159 Nosferoth-PC:49160 ESTABLISHED 1372 TCP 127.0.0.1:49160 Nosferoth-PC:49159 ESTABLISHED 1372 TCP 127.0.0.1:49222 Nosferoth-PC:65001 ESTABLISHED 4612 TCP 127.0.0.1:49301 Nosferoth-PC:49302 ESTABLISHED 3236 TCP 127.0.0.1:49302 Nosferoth-PC:49301 ESTABLISHED 3236 TCP 127.0.0.1:65001 Nosferoth-PC:49222 ESTABLISHED 4612 TCP 192.168.0.103:49165 lon15.ff.avast.com:http ESTABLISHED 1372 TCP 192.168.0.103:49298 a2-16-117-170.deploy.akamaitechnologies.com:http CLOSE_WAIT 2016 TCP 192.168.0.103:49299 r-149-58-45-5.ff.avast.com:http CLOSE_WAIT 1372 TCP 192.168.0.103:49379 151.80.7.164:https TIME_WAIT 0 TCP 192.168.0.103:49384 par03s13-in-f2.1e100.net:https ESTABLISHED 3236 TCP 192.168.0.103:49386 aus5.external.zlb.scl3.mozilla.com:https TIME_WAIT 0 ¤¤¤¤¤¤¤¤¤¤ | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7B14672F-F8B8-4158-915B-F1DFC0F6FBD4}] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7B14672F-F8B8-4158-915B-F1DFC0F6FBD4}] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7B14672F-F8B8-4158-915B-F1DFC0F6FBD4}] "DhcpNameServer"=212.27.40.241 212.27.40.240 ¤¤¤¤¤¤¤¤¤¤ | ActiveX [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] - () - [8,0,7600,17136] - -> [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] - () - [8,0,7600,17136] - -> [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - [1,1,1,9] - -> [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - [6,1,7601,17514] - -> [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - [12,0,7601,17514] - -> [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - [6,1,7601,17514] - -> [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [8,0,7600,17136] - -> [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,7601,17514] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] - (Internet Explorer) - [8,0,7100,0] - @C:\Windows\System32\ie4uinit.exe,-21 -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] - (Browser Customizations) - [8,0,7100,0] - @C:\Windows\System32\iedkcs32.dll,-3052 -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - [1,1,1,9] - @%SystemRoot%\system32\themeui.dll,-2682 -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [6,1,7601,17514] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,7601,17514] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [6,1,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - [6,1,7601,17514] - @%SystemRoot%\system32\shell32.dll,-32969 -> regsvr32.exe /s /n /i:U shell32.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - [8,0,7100,0] - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -BaseSettings [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [8,0,7601,17136] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [6,1,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,7601,17514] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] - (Internet Explorer) - [8,0,7100,0] - @C:\Windows\SysWOW64\ie4uinit.exe,-21 -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] - (Browser Customizations) - [8,0,7100,0] - @C:\Windows\SysWOW64\iedkcs32.dll,-3052 -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - [1,1,1,9] - @%SystemRoot%\system32\themeui.dll,-2682 -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [6,1,7601,17514] - -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,7601,17514] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [6,1,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - [6,1,7601,17514] - @%SystemRoot%\system32\shell32.dll,-32969 -> regsvr32.exe /s /n /i:U shell32.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - [8,0,7100,0] - @C:\Windows\SysWOW64\ie4uinit.exe,-2000 -> C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [8,0,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - [2,0,50727,1] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [8,0,7601,17136] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [6,1,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] - (.NET Framework) - [4,0,30319,0] - -> ¤¤¤¤¤¤¤¤¤¤ | Applications [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs (Whitelisted) Term - : ¤¤¤¤¤¤¤¤¤¤ | Software [HKU\S-1-5-18\Software\Avast Software] [HKU\S-1-5-18\Software\Google] [HKU\S-1-5-18\Software\Microsoft] [HKU\S-1-5-18\Software\Nico Mak Computing] [HKU\S-1-5-18\Software\Policies] [HKU\S-1-5-18\Software\WinZip Computing] [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-18\Software\Microsoft\Windows\DWM] [HKU\S-1-5-18\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Adobe] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\AppDataLow] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\ASUS] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\AVAST Software] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Clients] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Disc Soft] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Google] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Intel] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\MohawkGames] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Mozilla] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Netscape] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Nico Mak Computing] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\NVIDIA Corporation] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Policies] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Realtek] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\sysinternals] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Unity] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Valve] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\WinZip Computing] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Wow6432Node] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2214036511-2365878364-1413446509-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-20\Software\AppDataLow] [HKU\S-1-5-20\Software\Microsoft] [HKU\S-1-5-20\Software\Policies] [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft\Windows\DWM] [HKU\S-1-5-20\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-20\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-19\Software\AppDataLow] [HKU\S-1-5-19\Software\Microsoft] [HKU\S-1-5-19\Software\Policies] [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft\Windows\DWM] [HKU\S-1-5-19\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-19\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\cFos] [HKLM\Software\Clients] [HKLM\Software\CPUID] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\MCCI] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\Nahimic] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Disc Soft] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nico Mak Computing] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ¤¤¤¤¤¤¤¤¤¤ | FeatureControl [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "msn6.exe"="0" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "prevhost.exe"="8" "winzip64.exe"="8000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING] "iexplore.exe"="1" "*"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGuiIT.exe"="0" "SAPGUI.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES] "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "winmail.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn6.exe"="1" "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "msn6.exe"="0" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "prevhost.exe"="8" "WebAuthBroker.exe"="10000" "mbam.exe"="11000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING] "iexplore.exe"="1" "*"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGuiIT.exe"="0" "SAPGUI.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES] "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "winmail.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WARN_ON_SEC_CERT_REV_FAILED] "mbam.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn6.exe"="1" "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" ¤¤¤¤¤¤¤¤¤¤ | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [19/06/2016 20:29:23] - |D| - [479922798] - C:\Program Files (x86)\Adobe [MD5.00000000000000000000000000000000] - [19/06/2016 20:15:16] - |D| - [193407092] - C:\Program Files (x86)\ASUS [MD5.00000000000000000000000000000000] - [19/06/2016 20:35:08] - |D| - [46610174] - C:\Program Files (x86)\DAEMON Tools Pro [MD5.00000000000000000000000000000000] - [20/06/2016 00:12:02] - |D| - [31665674] - C:\Program Files (x86)\Google [MD5.00000000000000000000000000000000] - [19/06/2016 19:27:34] - |HD| - [16294093] - C:\Program Files (x86)\InstallShield Installation Information [MD5.00000000000000000000000000000000] - [19/06/2016 19:12:25] - |D| - [23194751] - C:\Program Files (x86)\Intel [MD5.00000000000000000000000000000000] - [22/06/2016 01:47:16] - |D| - [59434816] - C:\Program Files (x86)\Malwarebytes Anti-Malware [MD5.00000000000000000000000000000000] - [19/06/2016 19:22:10] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [MD5.00000000000000000000000000000000] - [21/06/2016 01:45:13] - |D| - [97025208] - C:\Program Files (x86)\Mozilla Firefox [MD5.00000000000000000000000000000000] - [21/06/2016 01:45:17] - |D| - [236995] - C:\Program Files (x86)\Mozilla Maintenance Service [MD5.00000000000000000000000000000000] - [19/06/2016 20:50:12] - |D| - [299924345] - C:\Program Files (x86)\NVIDIA Corporation [MD5.00000000000000000000000000000000] - [19/06/2016 19:27:35] - |D| - [12041177] - C:\Program Files (x86)\Realtek [MD5.00000000000000000000000000000000] - [19/06/2016 21:33:26] - |D| - [6106363016] - C:\Program Files (x86)\Steam [MD5.00000000000000000000000000000000] - [19/06/2016 19:24:18] - |HD| - [0] - C:\Program Files (x86)\Temp [MD5.00000000000000000000000000000000] - [19/06/2016 21:22:04] - |D| - [633996] - C:\Program Files (x86)\VulkanRT [MD5.00000000000000000000000000000000] - [22/06/2016 02:00:20] - |D| - [7233265] - C:\Program Files (x86)\ZHPFix [MD5.EFF1AC58A084E5CE5C6AA0427D445987] - [19/06/2016 19:07:17] - |A| - [47170] - C:\Windows\Ascd_tmp.ini [MD5.9FCFE78AFBA95C1F3AD8E3F99C5C4636] - [19/06/2016 19:09:22] - |A| - [16896] - C:\Windows\AsTaskSched.dll [MD5.1E730A5BA2E48B48EAFE800D5FE0A3E4] - [19/06/2016 19:07:16] - |A| - [672] - C:\Windows\As_Utilities.log [MD5.8D26DAE92B9995B082AE5B6BC2FB70DB] - [20/06/2016 00:07:12] - |A| - [52184] - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [22/06/2016 01:29:37] - |A| - [71168] - C:\Windows\bfsvc.exe [MD5.87485061537913CD06DC4C3735BE3A77] - [19/06/2016 20:42:23] - |A| - [24484] - C:\Windows\cFosSpeed_Setup_Log.txt [MD5.00000000000000000000000000000000] - [19/06/2016 19:09:22] - |D| - [304541287] - C:\Windows\Chipset [MD5.DA15C16EE66BAF7E6F555CE2E1CF95CA] - [20/06/2016 04:54:09] - |RA| - [13] - C:\Windows\csup.txt [MD5.881AF365AA5D3CECE8783F3FEEFA9FBC] - [20/06/2016 04:54:09] - |RAH| - [24] - C:\Windows\DELL_version [MD5.B9601FA7828877C91714E55F1F37B9CA] - [19/06/2016 23:11:35] - |A| - [10085] - C:\Windows\DirectX.log [MD5.00000000000000000000000000000000] - [19/06/2016 20:52:08] - |D| - [39425385] - C:\Windows\Downloaded Installations [MD5.AC4C51EB24AA95B77F705AB159189E24] - [22/06/2016 01:31:20] - |A| - [2872320] - C:\Windows\explorer.exe [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:22] - |D| - [142336] - C:\Windows\fr-FR [MD5.00000000000000000000000000000000] - [19/06/2016 19:22:01] - |SHD| - [1006304020] - C:\Windows\Installer [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [19/06/2016 19:08:20] - |A| - [1769] - C:\Windows\Language_trs.ini [MD5.2F5B0A7A1819A08C55FD91BA8DA2F6EE] - [20/06/2016 02:28:05] - |A| - [312814] - C:\Windows\ntbtlog.txt [MD5.00000000000000000000000000000000] - [20/06/2016 04:54:34] - |D| - [10442518] - C:\Windows\Panther [MD5.60338A2BDC2A74425A5178E4D7B86FE9] - [19/06/2016 20:54:39] - |A| - [7906] - C:\Windows\PFRO.log [MD5.00000000000000000000000000000000] - [19/06/2016 18:55:24] - |D| - [45963565] - C:\Windows\Prefetch [MD5.FFC77870402F6DDD5BB8172C6A55DFB3] - [19/06/2016 19:24:18] - |RA| - [2080472] - C:\Windows\RtlExUpd.dll [MD5.00000000000000000000000000000000] - [19/06/2016 19:04:58] - |D| - [1842072007] - C:\Windows\SoftwareDistribution [MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [22/06/2016 01:30:40] - |A| - [67072] - C:\Windows\splwow64.exe [MD5.2DCAB053A9510CADC7F2940272AE2BC7] - [19/06/2016 18:58:11] - |A| - [1313] - C:\Windows\TSSysprep.log [MD5.163A95975E1D8819E653AA3E961371CA] - [22/06/2016 01:29:47] - |A| - [51200] - C:\Windows\twain_32.dll [MD5.D742E4D76FEB4E6BE3786E1338D2DE1A] - [19/06/2016 19:04:58] - |A| - [1071147] - C:\Windows\WindowsUpdate.log [MD5.00000000000000000000000000000000] - [19/06/2016 19:39:21] - |SHD| - [396028523] - C:\Windows\Installer\$PatchCache$ [MD5.7718D8208E408ED9385108229C25F74E] - [20/06/2016 01:15:34] - |A| - [857600] - C:\Windows\Installer\255c5.msi [MD5.C6BE77B89B8A26BCA7895378EEA91A2A] - [19/06/2016 19:46:20] - |RA| - [53248] - C:\Windows\Installer\33250.mst [MD5.CB2713E217F2BEC7EFFE21576515C557] - [22/06/2016 00:52:56] - |A| - [83692544] - C:\Windows\Installer\7f9b2.msi [MD5.0ACDA465A4486B4E6A34D1E594EF91B6] - [19/06/2016 20:52:03] - |A| - [39370752] - C:\Windows\Installer\80dab.msi [MD5.47D5E827135C2BC43DDF7E9161E14F82] - [20/06/2016 00:12:45] - |A| - [45056] - C:\Windows\Installer\b12341.msi [MD5.72BF0B7142646F1CD0FA7C872DB106D6] - [20/06/2016 00:12:01] - |A| - [26112] - C:\Windows\Installer\b12347.msi [MD5.6BB38BD51C3CFE2C64CE4E2BCB918BE4] - [20/06/2016 00:17:54] - |A| - [40960] - C:\Windows\Installer\b1234d.msi [MD5.907A88D2BEDDBC4EAEBF6E0186A01E5B] - [19/06/2016 19:39:39] - |A| - [288] - C:\Windows\Installer\wix{B5E06417-A4AC-4225-B36E-7E34C91616E7}.SchedServiceConfig.rmi [MD5.00000000000000000000000000000000] - [19/06/2016 20:52:27] - |D| - [59286] - C:\Windows\Installer\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43} [MD5.00000000000000000000000000000000] - [19/06/2016 19:29:02] - |D| - [15086] - C:\Windows\Installer\{0E2BE1E8-F087-45D6-8D29-5CB305643B78} [MD5.00000000000000000000000000000000] - [19/06/2016 19:46:20] - |D| - [320120] - C:\Windows\Installer\{594AEAFB-0822-4EA9-A5B8-309485A515EE} [MD5.00000000000000000000000000000000] - [19/06/2016 20:00:34] - |D| - [220039] - C:\Windows\Installer\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE} [MD5.00000000000000000000000000000000] - [20/06/2016 01:15:46] - |D| - [10134] - C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824184103} [MD5.00000000000000000000000000000000] - [19/06/2016 20:30:28] - |D| - [840914] - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001} [MD5.00000000000000000000000000000000] - [19/06/2016 20:52:45] - |D| - [459934] - C:\Windows\Installer\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188} [MD5.00000000000000000000000000000000] - [22/06/2016 01:02:48] - |D| - [1351168] - C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105} [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:10] - |D| - [0] - C:\Windows\system32\040C [MD5.A26FC69123A5CA107040B553A58075C7] - [22/06/2016 01:30:24] - |A| - [158720] - C:\Windows\system32\aaclient.dll [MD5.FD28E3B46F63337EAF905120F1E00070] - [22/06/2016 01:30:07] - |A| - [3745792] - C:\Windows\system32\accessibilitycpl.dll [MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - [19/06/2016 19:27:36] - |A| - [109848] - C:\Windows\system32\AcpiServiceVnA64.dll [MD5.8B22B0CF8912F810B28AFBFC8B42727F] - [22/06/2016 01:29:57] - |A| - [53248] - C:\Windows\system32\acppage.dll [MD5.92DBF0A4C9239169010FC6E07859C82E] - [22/06/2016 01:30:06] - |A| - [780800] - C:\Windows\system32\ActionCenter.dll [MD5.7D067C851FD270E7C3495788AD487CDE] - [22/06/2016 01:30:06] - |A| - [549888] - C:\Windows\system32\ActionCenterCPL.dll [MD5.EB3E45B0F5C5743863C86F38E8CDC151] - [22/06/2016 01:29:39] - |A| - [213504] - C:\Windows\system32\ActionQueue.dll [MD5.E6F0F82788E8BD0F7A616350EFA0761C] - [22/06/2016 01:31:11] - |A| - [958464] - C:\Windows\system32\actxprxy.dll [MD5.C0EB0E804F596CC1C7283D2D7FF980E7] - [22/06/2016 01:30:40] - |A| - [577024] - C:\Windows\system32\AdmTmpl.dll [MD5.1F137AC28556D4507F97F736B0AC7D45] - [22/06/2016 01:30:41] - |A| - [424448] - C:\Windows\system32\aeinv.dll [MD5.AF84C72EE2E49DA2B13EF30DABA5B5CC] - [22/06/2016 01:30:41] - |A| - [412160] - C:\Windows\system32\aepdu.dll [MD5.2CBDC11690656A1A2D03EC65AE2BCE68] - [19/06/2016 19:27:35] - |A| - [209096] - C:\Windows\system32\AERTAC64.dll [MD5.B3E9EA31E37EDCC1D54CE20504549ABE] - [19/06/2016 19:27:36] - |A| - [108640] - C:\Windows\system32\AERTAR64.dll [MD5.DDB88D0BB116D468B2B3EFBB6E3D6D06] - [22/06/2016 01:30:40] - |A| - [122880] - C:\Windows\system32\aitagent.exe [MD5.6B3E852970892B3033DC996C282C2C93] - [22/06/2016 01:29:29] - |A| - [89088] - C:\Windows\system32\amstream.dll [MD5.A97E6B70CCD03870A06BD57DDC6BE0E0] - [22/06/2016 01:29:22] - |AH| - [3072] - C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll [MD5.90499F3163A9F815CF196A205EA3CD5D] - [22/06/2016 01:30:58] - |A| - [342016] - C:\Windows\system32\apphelp.dll [MD5.3977D4A871CA0D4F2ED1E7DB46829731] - [22/06/2016 01:30:06] - |A| - [70656] - C:\Windows\system32\appinfo.dll [MD5.DDA6773DACE0774160AAA927ECF8ADCD] - [22/06/2016 01:30:59] - |A| - [479232] - C:\Windows\system32\appmgr.dll [MD5.587BB0FA7D11F81251539A630C097C8C] - [22/06/2016 01:30:23] - |A| - [726528] - C:\Windows\system32\appwiz.cpl [MD5.7E8152C231FF349CEEEB12146D90E952] - [20/06/2016 00:07:15] - |A| - [398152] - C:\Windows\system32\aswBoot.exe [MD5.2C6E1A303EC8DE78F257C2D7BAD4E849] - [22/06/2016 01:30:06] - |A| - [84992] - C:\Windows\system32\asycfilt.dll [MD5.DA92473D08DFCE8D355684D636ECAE5A] - [22/06/2016 01:30:24] - |A| - [367104] - C:\Windows\system32\atmfd.dll [MD5.0AC26F97A742C187AF6CF2E1B8C2D1EE] - [22/06/2016 01:29:24] - |A| - [46080] - C:\Windows\system32\atmlib.dll [MD5.D5CCA1453B98A5801E6D5FF0FF89DC6C] - [22/06/2016 01:30:21] - |A| - [126464] - C:\Windows\system32\audiodg.exe [MD5.2D0895BED270D1A8CADD981A5BFC0AE5] - [19/06/2016 19:28:21] - |A| - [605496] - C:\Windows\system32\audioLibVc.dll [MD5.DC220AE6F64819099F7EBD6F137E32E7] - [22/06/2016 01:30:41] - |A| - [296448] - C:\Windows\system32\AudioSes.dll [MD5.F23FEF6D569FCE88671949894A8BECF1] - [22/06/2016 01:31:11] - |A| - [679424] - C:\Windows\system32\audiosrv.dll [MD5.1BC6D282FF30D768515EAE0431F91552] - [22/06/2016 01:31:13] - |A| - [5066752] - C:\Windows\system32\AuthFWSnapin.dll [MD5.0BEE002C68E28CE6DA161DCF1376D7D7] - [22/06/2016 01:31:09] - |A| - [1927680] - C:\Windows\system32\authui.dll [MD5.3B536A8BEC3B4F23FFDFD78B11A2AB93] - [22/06/2016 01:30:21] - |A| - [777728] - C:\Windows\system32\autochk.exe [MD5.C3F3509C9127B1EFF9012CBC152ADF56] - [22/06/2016 01:30:21] - |A| - [793088] - C:\Windows\system32\autoconv.exe [MD5.04FAFCAF36632E03B6BFC48275178349] - [22/06/2016 01:30:21] - |A| - [763904] - C:\Windows\system32\autofmt.exe [MD5.1FB6588DDF991124D49475C99BBC9C5B] - [22/06/2016 01:30:06] - |A| - [155136] - C:\Windows\system32\autoplay.dll [MD5.8956BA8E83F83ED3B54B292CEB42F219] - [22/06/2016 01:30:22] - |A| - [726528] - C:\Windows\system32\AuxiliaryDisplayCpl.dll [MD5.AE67E6224419C1A88800DF29E6A95F88] - [22/06/2016 01:30:05] - |A| - [135680] - C:\Windows\system32\AuxiliaryDisplayServices.dll [MD5.A6BF31A71B409DFA8CAC83159E1E2AFF] - [22/06/2016 01:30:15] - |A| - [114688] - C:\Windows\system32\AxInstSv.dll [MD5.0ADD464D92D6189A7697C0C5BBEE1909] - [22/06/2016 01:30:56] - |A| - [897536] - C:\Windows\system32\azroles.dll [MD5.DD48B7D93771674F330763613AA7C095] - [22/06/2016 01:30:06] - |A| - [472064] - C:\Windows\system32\azroleui.dll [MD5.25871B7114005B04B24A5114CD5234CF] - [22/06/2016 01:29:42] - |A| - [31744] - C:\Windows\system32\AzSqlExt.dll [MD5.D95AD0B6A27A14DCD31B3E5BAF635898] - [22/06/2016 01:30:22] - |A| - [166784] - C:\Windows\system32\basecsp.dll [MD5.F832EEEA97CDDA1AF577E721F652A0D1] - [22/06/2016 01:30:10] - |A| - [749568] - C:\Windows\system32\batmeter.dll [MD5.3A66846F45BE2E46F7EA16B2F7D2EF34] - [22/06/2016 01:29:53] - |A| - [175616] - C:\Windows\system32\bcdboot.exe [MD5.780836BB63852990382DF27DE7FEFD20] - [22/06/2016 01:30:06] - |A| - [346112] - C:\Windows\system32\bcdedit.exe [MD5.A6585E85184E3E6B45AE833536CAA282] - [22/06/2016 01:30:21] - |A| - [168448] - C:\Windows\system32\bcdsrv.dll [MD5.D6C7780A364C6BBACFA796BAB9F1B374] - [22/06/2016 01:30:41] - |A| - [298104] - C:\Windows\system32\bcryptprimitives.dll [MD5.51AC5D9348A6C8D0E99709557E3719EC] - [22/06/2016 01:29:28] - |A| - [130560] - C:\Windows\system32\BdeHdCfg.exe [MD5.82974D6A2FD19445CC5171FC378668A4] - [22/06/2016 01:30:55] - |A| - [705024] - C:\Windows\system32\BFE.DLL [MD5.20FACCF61372C1C6BBAAA5CE413875EA] - [22/06/2016 01:30:40] - |A| - [504320] - C:\Windows\system32\biocpl.dll [MD5.DC81872E3E6BCA39B322A7FA1A044040] - [22/06/2016 01:29:31] - |A| - [232448] - C:\Windows\system32\bitsadmin.exe [MD5.29409ED7400CA5BCCC30C0EE5147A60D] - [22/06/2016 01:29:24] - |A| - [24576] - C:\Windows\system32\bitsperf.dll [MD5.97A891E2BF7FDA830BCFC6269DA3F5E9] - [22/06/2016 01:29:52] - |A| - [840192] - C:\Windows\system32\blackbox.dll [MD5.78027FCA53D99FFF446C47B30C33890C] - [22/06/2016 01:29:06] - |A| - [52736] - C:\Windows\system32\BlbEvents.dll [MD5.26653D1C26E9E2AA5DD596354BA9FAF3] - [22/06/2016 01:30:09] - |A| - [2217856] - C:\Windows\system32\bootres.dll [MD5.A5A70AF023570C1D26501B14338C1D6C] - [22/06/2016 01:29:28] - |A| - [58880] - C:\Windows\system32\browcli.dll [MD5.8EF0D5C41EC907751B8429162B1239ED] - [22/06/2016 01:29:39] - |A| - [136192] - C:\Windows\system32\browser.dll [MD5.12597124DF5E54B932945D326F916C9A] - [22/06/2016 01:29:23] - |A| - [14336] - C:\Windows\system32\browseui.dll [MD5.F7A256EC899C72B4ECDD2C02CB592EFD] - [22/06/2016 01:30:06] - |A| - [721408] - C:\Windows\system32\bthprops.cpl [MD5.515F6B0BBC6E3A09B57C5AE6C41765D2] - [22/06/2016 01:29:47] - |A| - [899584] - C:\Windows\system32\Bubbles.scr [MD5.C58193D44CF096225288E351611C77A3] - [22/06/2016 01:29:28] - |A| - [14848] - C:\Windows\system32\BWUnpairElevated.dll [MD5.FA43D418BC945D27D0625B697B8442B5] - [22/06/2016 01:29:53] - |A| - [94720] - C:\Windows\system32\cabinet.dll [MD5.DB55D6EA72B92C8F8268A5B795156433] - [22/06/2016 01:30:21] - |A| - [139264] - C:\Windows\system32\cabview.dll [MD5.BC4A4569F5E50EE9993E9DD9784C2FE3] - [22/06/2016 01:30:06] - |A| - [95232] - C:\Windows\system32\cca.dll [MD5.05569A79BF4693670B709144382D02D4] - [22/06/2016 01:30:41] - |A| - [144384] - C:\Windows\system32\cdd.dll [MD5.82C87FBF43957E69530EB6521F8FF0D1] - [22/06/2016 01:29:53] - |A| - [1133568] - C:\Windows\system32\cdosys.dll [MD5.94DFBB481BF51158B216E23C5C1C9D6E] - [22/06/2016 01:30:06] - |A| - [460800] - C:\Windows\system32\certcli.dll [MD5.263B26106606A010CF877472B535E4BB] - [22/06/2016 01:31:14] - |A| - [1975296] - C:\Windows\system32\CertEnroll.dll [MD5.60EB9DB7A449FC083D2F02B0A0425104] - [22/06/2016 01:31:04] - |A| - [1796096] - C:\Windows\system32\certmgr.dll [MD5.FCE23E27F62989AD0BB88E256E847A41] - [22/06/2016 01:29:29] - |A| - [71680] - C:\Windows\system32\CertPolEng.dll [MD5.F17D1D393BBC69C5322FBFAFACA28C7F] - [22/06/2016 01:29:53] - |A| - [80384] - C:\Windows\system32\certprop.dll [MD5.2477A28081BDAEE622CF045ACF8EE124] - [22/06/2016 01:30:39] - |A| - [207872] - C:\Windows\system32\cfgmgr32.dll [MD5.4C42CDF8B7CC00ADD1A1645F1500C3DC] - [22/06/2016 01:29:24] - |A| - [16896] - C:\Windows\system32\change.exe [MD5.17123DEF4E76086D759122DD864D9512] - [22/06/2016 01:29:28] - |A| - [22528] - C:\Windows\system32\chglogon.exe [MD5.DDE008F644E8D33F726D5357FE52F447] - [22/06/2016 01:29:28] - |A| - [24064] - C:\Windows\system32\chgport.exe [MD5.69A9B266835ED67C031322660F7B18E4] - [22/06/2016 01:29:28] - |A| - [21504] - C:\Windows\system32\chgusr.exe [MD5.BD3E64A49311E558C08F4F04B53F82D8] - [22/06/2016 01:29:28] - |A| - [36864] - C:\Windows\system32\choice.exe [MD5.11338E0557B07BC32CDB980B6EDB35AA] - [22/06/2016 01:30:39] - |A| - [780008] - C:\Windows\system32\ci.dll [MD5.81749E073AC5857B044A686B406E5244] - [22/06/2016 01:30:22] - |A| - [314368] - C:\Windows\system32\clusapi.dll [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [22/06/2016 01:30:54] - |A| - [345088] - C:\Windows\system32\cmd.exe [MD5.74C6DA5522F420C394AE34B2D3D677E3] - [22/06/2016 01:29:29] - |A| - [92160] - C:\Windows\system32\cmstp.exe [MD5.14DFDEAF4E589ED3F1FF187A86B9408C] - [22/06/2016 01:30:21] - |A| - [633856] - C:\Windows\system32\comctl32.dll [MD5.9835E63E09F824D22B689D2BB789BAB9] - [22/06/2016 01:30:58] - |A| - [594432] - C:\Windows\system32\comdlg32.dll [MD5.6E14F444A2506049EEC25CB5EDFE0905] - [19/06/2016 19:27:37] - |A| - [113576] - C:\Windows\system32\CONEQMSAPOGUILibrary.dll [MD5.BD51024FB014064BC9FE8C715C18392F] - [22/06/2016 01:30:40] - |A| - [337920] - C:\Windows\system32\conhost.exe [MD5.0B5511674394666E9D221F8681B2C2E6] - [22/06/2016 01:30:23] - |A| - [112000] - C:\Windows\system32\consent.exe [MD5.C918FA31EECCA023ECB4CF53E9EC5856] - [22/06/2016 01:31:14] - |A| - [960512] - C:\Windows\system32\CPFilters.dll [MD5.52D3D5E3586988D4D9E34ACAAC33105C] - [22/06/2016 01:30:10] - |A| - [22016] - C:\Windows\system32\credssp.dll [MD5.CC0AB40F02D2C2A12209715A3C1B07B8] - [22/06/2016 01:30:41] - |A| - [197120] - C:\Windows\system32\credui.dll [MD5.3F9F2AFA135F0663946A006DD5FFD897] - [22/06/2016 01:31:12] - |A| - [1456128] - C:\Windows\system32\crypt32.dll [MD5.15597883FBE9B056F276ADA3AD87D9AF] - [22/06/2016 01:30:39] - |A| - [177152] - C:\Windows\system32\cryptsvc.dll [MD5.B3BFBD758506ECB50C5804AAA76318F9] - [22/06/2016 01:30:06] - |A| - [1065984] - C:\Windows\system32\cryptui.dll [MD5.1BF0CB861A48FEB1638228760750F3CB] - [22/06/2016 01:29:29] - |A| - [46080] - C:\Windows\system32\cscapi.dll [MD5.7EE5F17A21D9A9101207DF4BC37B085D] - [22/06/2016 01:29:24] - |A| - [30208] - C:\Windows\system32\cscdll.dll [MD5.48F714CD2DCD00E8E98172AA72CF358D] - [22/06/2016 01:29:29] - |A| - [137216] - C:\Windows\system32\CscMig.dll [MD5.234AFA322624B3203A2E720F08292B03] - [22/06/2016 01:30:52] - |A| - [240640] - C:\Windows\system32\cscobj.dll [MD5.3AB183AB4D2C79DCF459CD2C1266B043] - [22/06/2016 01:30:53] - |A| - [692224] - C:\Windows\system32\cscsvc.dll [MD5.32802C0F6FC7C8F561B9D91F52A46421] - [22/06/2016 01:30:40] - |A| - [498688] - C:\Windows\system32\cscui.dll [MD5.103D54F329686C2CCF67156117A30D53] - [22/06/2016 01:29:23] - |A| - [13312] - C:\Windows\system32\C_ISCII.DLL [MD5.95F8353F1408F3E637A4CE5E976F1798] - [22/06/2016 01:31:25] - |A| - [902144] - C:\Windows\system32\d2d1.dll [MD5.47AD5ED974A4FDB582824C5DCB6E7482] - [22/06/2016 01:29:42] - |A| - [573952] - C:\Windows\system32\d3d10level9.dll [MD5.64ABE1250EC1A1CFD1442E7C8800216E] - [22/06/2016 01:31:35] - |A| - [1838080] - C:\Windows\system32\d3d10warp.dll [MD5.426BA4E737A7988FD1202AF2F2B2F4A6] - [22/06/2016 01:30:58] - |A| - [321024] - C:\Windows\system32\d3d10_1core.dll [MD5.C36968D59834F6C54CC9C351B8EF5405] - [22/06/2016 01:31:10] - |A| - [787968] - C:\Windows\system32\d3d11.dll [MD5.4C3DAEE652B005B483F16B8E9131C99D] - [22/06/2016 01:31:14] - |A| - [2067456] - C:\Windows\system32\d3d9.dll [MD5.3EBF620536A13CA343E52ECA4F0DE7F8] - [19/06/2016 23:11:55] - |A| - [1400176] - C:\Windows\system32\D3DCompiler_33.dll [MD5.9D9407F52B8E24E99358D9944B0D5FA3] - [19/06/2016 23:11:59] - |A| - [1401200] - C:\Windows\system32\D3DCompiler_34.dll [MD5.B21427EDF0449E92000FF497DAAF89C9] - [19/06/2016 23:12:00] - |A| - [1985904] - C:\Windows\system32\D3DCompiler_35.dll [MD5.7299DF5CF81135934740211D9A946737] - [19/06/2016 23:12:00] - |A| - [2006552] - C:\Windows\system32\D3DCompiler_36.dll [MD5.31026CEA5AFA2798292179102C06FE40] - [19/06/2016 23:12:01] - |A| - [1860120] - C:\Windows\system32\D3DCompiler_37.dll [MD5.A7E59BB6FAC119FABB83F18BD72AA1D7] - [19/06/2016 23:12:02] - |A| - [1941528] - C:\Windows\system32\D3DCompiler_38.dll [MD5.7741A0A6CED6C441B97D625B730D6075] - [19/06/2016 23:12:03] - |A| - [1942552] - C:\Windows\system32\D3DCompiler_39.dll [MD5.37309B833480DC69FDE7DB68F9B8BC20] - [19/06/2016 23:12:11] - |A| - [2605920] - C:\Windows\system32\D3DCompiler_40.dll [MD5.A59A5BADE4AF200C720D99EAE6E04E0E] - [19/06/2016 23:12:12] - |A| - [2430312] - C:\Windows\system32\D3DCompiler_41.dll [MD5.E92D2E4AFA43CD39A8C1C2C2DB59667E] - [19/06/2016 23:12:13] - |A| - [2582888] - C:\Windows\system32\D3DCompiler_42.dll [MD5.ADA0C39D4EACDC81FD84163A95D62079] - [19/06/2016 23:12:23] - |A| - [2526056] - C:\Windows\system32\D3DCompiler_43.dll [MD5.F13B90F5090EBA9041558BC6AAED79B8] - [19/06/2016 23:12:13] - |A| - [5554512] - C:\Windows\system32\d3dcsx_42.dll [MD5.5F1DA86286A2DFB01C4FED55C2DD1D61] - [19/06/2016 23:12:23] - |A| - [1907552] - C:\Windows\system32\d3dcsx_43.dll [MD5.8251826F04BA0822D08AD9B92C65A3D5] - [19/06/2016 23:11:55] - |A| - [469264] - C:\Windows\system32\d3dx10.dll [MD5.839C3921005BB41D441E3752C74F2292] - [19/06/2016 23:11:55] - |A| - [506728] - C:\Windows\system32\d3dx10_33.dll [MD5.1ED4E7A82BD5C7DEED082F00E63BB7A0] - [19/06/2016 23:11:59] - |A| - [506728] - C:\Windows\system32\d3dx10_34.dll [MD5.84116AA94672D623B95217648AE5B5B9] - [19/06/2016 23:12:00] - |A| - [508264] - C:\Windows\system32\d3dx10_35.dll [MD5.570FDAE7041775DE0C67747BB7081939] - [19/06/2016 23:12:00] - |A| - [508264] - C:\Windows\system32\d3dx10_36.dll [MD5.A8C5688BBA00C1630550F26260AB5CAE] - [19/06/2016 23:12:01] - |A| - [529424] - C:\Windows\system32\d3dx10_37.dll [MD5.72CB653CECF4EA670E7F5A8D74358423] - [19/06/2016 23:12:02] - |A| - [540688] - C:\Windows\system32\d3dx10_38.dll [MD5.EAA692FDC990ED0407DF957316DA33C2] - [19/06/2016 23:12:03] - |A| - [540688] - C:\Windows\system32\d3dx10_39.dll [MD5.862586AD4B1355F7DCDE111EE0AAF350] - [19/06/2016 23:12:11] - |A| - [519000] - C:\Windows\system32\d3dx10_40.dll [MD5.E730967811E3702499446FFC8A432607] - [19/06/2016 23:12:12] - |A| - [520544] - C:\Windows\system32\d3dx10_41.dll [MD5.B739C423276AE62D7AC91773226EC13B] - [19/06/2016 23:12:12] - |A| - [523088] - C:\Windows\system32\d3dx10_42.dll [MD5.AD7FA9485059F4DC53C98B49CAB13F0B] - [19/06/2016 20:51:39] - |A| - [511328] - C:\Windows\system32\d3dx10_43.dll [MD5.522749761B6CC69F8630F4B472DCA623] - [19/06/2016 23:12:12] - |A| - [285024] - C:\Windows\system32\d3dx11_42.dll [MD5.9D6429F410597750B2DC2579B2347303] - [19/06/2016 20:51:39] - |A| - [276832] - C:\Windows\system32\d3dx11_43.dll [MD5.B165DF72E13E6AF74D47013504319921] - [19/06/2016 23:11:35] - |A| - [3544272] - C:\Windows\system32\d3dx9_24.dll [MD5.4C56E7C5B2A61353E534C7D15D05856D] - [19/06/2016 23:11:35] - |A| - [3823312] - C:\Windows\system32\d3dx9_25.dll [MD5.44F5C5E27D6825E4E62420BC29B8B533] - [19/06/2016 23:11:35] - |A| - [3767504] - C:\Windows\system32\d3dx9_26.dll [MD5.914C3237E4D145A18DCD1D0D4C8659E1] - [19/06/2016 23:11:35] - |A| - [3807440] - C:\Windows\system32\d3dx9_27.dll [MD5.88BAC8306D4EC79A82B1FFA17DC8CF4A] - [19/06/2016 23:11:36] - |A| - [3815120] - C:\Windows\system32\d3dx9_28.dll [MD5.68B35CBDB4A8CC424718BBCC894FEEEA] - [19/06/2016 23:11:52] - |A| - [3830992] - C:\Windows\system32\d3dx9_29.dll [MD5.E09A9CF383ACF4A28038561E62277377] - [19/06/2016 23:11:52] - |A| - [3927248] - C:\Windows\system32\d3dx9_30.dll [MD5.FAAA0BB9CD2905B25334132E5BA093EB] - [19/06/2016 23:11:54] - |A| - [3977496] - C:\Windows\system32\d3dx9_31.dll [MD5.A4DDFE5DC4E73D1FED9B1B3A3D885612] - [19/06/2016 23:11:54] - |A| - [4398360] - C:\Windows\system32\d3dx9_32.dll [MD5.3172C3CAC8EA7CA1B5D5AF6699C037D6] - [19/06/2016 23:11:55] - |A| - [4494184] - C:\Windows\system32\d3dx9_33.dll [MD5.AE5D5439525B4A4CBF206058D493685D] - [19/06/2016 23:11:59] - |A| - [4496232] - C:\Windows\system32\d3dx9_34.dll [MD5.1B3AF16A27D390096925576202A64037] - [19/06/2016 23:11:59] - |A| - [5073256] - C:\Windows\system32\d3dx9_35.dll [MD5.BBB6C6833C30E323B41860D6DF61972D] - [19/06/2016 23:12:00] - |A| - [5081608] - C:\Windows\system32\d3dx9_36.dll [MD5.8A10974DC6E1E42BDC635C2C2AFBD2CC] - [19/06/2016 23:12:01] - |A| - [4910088] - C:\Windows\system32\D3DX9_37.dll [MD5.E5EC2AB7156A752F9614CDA4BE66EFE8] - [19/06/2016 23:12:02] - |A| - [4991496] - C:\Windows\system32\D3DX9_38.dll [MD5.7505C133FC704B40CFDDFD38777BAAC3] - [19/06/2016 23:12:02] - |A| - [4992520] - C:\Windows\system32\D3DX9_39.dll [MD5.29A79F0B607FAF5722D7BAF2485F632A] - [19/06/2016 23:12:11] - |A| - [5631312] - C:\Windows\system32\D3DX9_40.dll [MD5.ECDDB13BC805B9F3EF3A855E6FD85C69] - [19/06/2016 23:12:12] - |A| - [5425496] - C:\Windows\system32\D3DX9_41.dll [MD5.1AF7AE1FDE027A30B9097280819A0A86] - [19/06/2016 23:12:12] - |A| - [2475352] - C:\Windows\system32\D3DX9_42.dll [MD5.7160FC226391C0B50C85571FA1A546E5] - [19/06/2016 20:51:39] - |A| - [2401112] - C:\Windows\system32\D3DX9_43.dll [MD5.B3A33600DCDFB84D7FBE09ADEB1C9B8A] - [22/06/2016 01:30:40] - |A| - [100864] - C:\Windows\system32\davclnt.dll [MD5.990EA3103E06D68CE0E755A9C3D70107] - [22/06/2016 01:31:12] - |A| - [3391488] - C:\Windows\system32\dbgeng.dll [MD5.A7A8CA53D9C9FD90C07AB0EB38E5316B] - [22/06/2016 01:29:40] - |A| - [1087488] - C:\Windows\system32\dbghelp.dll [MD5.82DF29C6D5571BFA69429563F0AED677] - [19/06/2016 19:27:37] - |A| - [260272] - C:\Windows\system32\DDPA64.dll [MD5.FAC24F4CC63235D9533DD6605E5EE6F0] - [19/06/2016 19:27:37] - |A| - [1938608] - C:\Windows\system32\DDPD64A.dll [MD5.A1C8F811777EFA1B6BD82B226016CF2D] - [19/06/2016 19:27:37] - |A| - [313520] - C:\Windows\system32\DDPO64A.dll [MD5.B827E0AE582ACD641F0B2B052773A5CA] - [19/06/2016 19:27:37] - |A| - [6217904] - C:\Windows\system32\DDPP64A.dll [MD5.894B39B50E4FD1580884085D59352839] - [22/06/2016 01:30:07] - |A| - [233984] - C:\Windows\system32\defaultlocationcpl.dll [MD5.F0C6A924CAED0D26E7150F4009384AA6] - [22/06/2016 01:29:29] - |A| - [130048] - C:\Windows\system32\desk.cpl [MD5.4C2C4640BF23AAFCF90519E0F34436CE] - [22/06/2016 01:30:06] - |A| - [508928] - C:\Windows\system32\DeviceCenter.dll [MD5.60E8C91E58AB800C3879BE11DD8D6BD5] - [22/06/2016 01:29:58] - |A| - [225280] - C:\Windows\system32\DevicePairingFolder.dll [MD5.C7301A1D3DB09DE86528D9D916069859] - [22/06/2016 01:29:53] - |A| - [606208] - C:\Windows\system32\dfrgui.exe [MD5.E1DCEE9E3EC0522DF24397BE1A64E449] - [22/06/2016 01:31:43] - |A| - [1942856] - C:\Windows\system32\dfshim.dll [MD5.43D808F5D9E1A18E5EEB5EBC83969E4E] - [22/06/2016 01:31:04] - |A| - [317952] - C:\Windows\system32\dhcpcore.dll [MD5.DC50B0FE1C3F654AC25B5484BF3A458C] - [22/06/2016 01:30:09] - |A| - [1202176] - C:\Windows\system32\DiagCpl.dll [MD5.4449D23E8F197862F1B16F1E6C89C36C] - [22/06/2016 01:31:21] - |A| - [1340416] - C:\Windows\system32\diagperf.dll [MD5.FAEE5377E2B48FAAF3702E73DB8D6F58] - [22/06/2016 01:29:28] - |A| - [166400] - C:\Windows\system32\diskpart.exe [MD5.2102EE1AC5A82401C93DDEE67B66EE67] - [22/06/2016 01:29:45] - |A| - [363520] - C:\Windows\system32\diskraid.exe [MD5.F0074CEB72EA93608037C98A1F187DB5] - [22/06/2016 01:30:15] - |A| - [1066496] - C:\Windows\system32\Display.dll [MD5.3DA66EF520D45081DCFFDAECD3DE17C8] - [22/06/2016 01:29:29] - |A| - [61440] - C:\Windows\system32\djoin.exe [MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - [22/06/2016 01:31:08] - |A| - [357888] - C:\Windows\system32\dnsapi.dll [MD5.7881A5557CD9A9D40D994A57D24001AB] - [22/06/2016 01:30:22] - |A| - [118272] - C:\Windows\system32\dnscmmc.dll [MD5.CD55F5355D8F55D44C9F4ED875705BD6] - [22/06/2016 01:30:53] - |A| - [183296] - C:\Windows\system32\dnsrslvr.dll [MD5.F9AFD12BB4B1CFA5FCC0A5B37C604FD2] - [22/06/2016 01:30:43] - |A| - [84992] - C:\Windows\system32\dot3api.dll [MD5.7A09F960C73A63D68293EFDFD843A5FF] - [22/06/2016 01:30:08] - |A| - [69120] - C:\Windows\system32\dot3cfg.dll [MD5.2B734931F36EF571816236D7C792BC80] - [22/06/2016 01:29:28] - |A| - [103936] - C:\Windows\system32\dot3msm.dll [MD5.B1FB3DDCA0FDF408750D5843591AFBC6] - [22/06/2016 01:30:06] - |A| - [252416] - C:\Windows\system32\dot3svc.dll [MD5.8888DC2ACEBFE75B3B52CE01AB2249C3] - [22/06/2016 01:29:29] - |A| - [313344] - C:\Windows\system32\dot3ui.dll [MD5.383345EA4003833B44D40E4F363034DD] - [22/06/2016 01:29:06] - |A| - [3072] - C:\Windows\system32\dpnaddr.dll [MD5.B26F4F737E8F9DF4F31AF6CF31D05820] - [22/06/2016 01:30:20] - |A| - [162816] - C:\Windows\system32\dps.dll [MD5.6369F960C28A16F4502C480EEDE3652C] - [22/06/2016 01:28:40] - |A| - [399872] - C:\Windows\system32\dpx.dll [MD5.96C14589E835B99E5C3B1C35C738AF7E] - [22/06/2016 01:29:59] - |A| - [495104] - C:\Windows\system32\drmmgrtn.dll [MD5.356E96B2FE133373116D1AEBBCA896A3] - [22/06/2016 01:30:56] - |A| - [422912] - C:\Windows\system32\drvstore.dll [MD5.786D0E9BE38BAD3C8FFFA9BAB6909582] - [22/06/2016 01:29:24] - |A| - [36864] - C:\Windows\system32\dsauth.dll [MD5.DD72849FE94E6F49732E1E9A6484FBAF] - [22/06/2016 01:30:54] - |A| - [281600] - C:\Windows\system32\DShowRdpFilter.dll [MD5.6D3E70937228FD90F2A7185D33D4C46E] - [22/06/2016 01:30:23] - |A| - [239616] - C:\Windows\system32\dskquoui.dll [MD5.A3D570EEADFFA62D3DC8AB10E281FF8B] - [22/06/2016 01:30:06] - |A| - [701440] - C:\Windows\system32\dsuiext.dll [MD5.8B5A737AD11EF45D9B1AEB4ED6884968] - [19/06/2016 19:27:39] - |A| - [728680] - C:\Windows\system32\DTSBassEnhancementDLL64.dll [MD5.21B38D4D86A87909491F690883AE6D1E] - [19/06/2016 19:27:39] - |A| - [1486952] - C:\Windows\system32\DTSBoostDLL64.dll [MD5.FF31A2F57AAAB58DB78FCC961A58B206] - [19/06/2016 19:27:39] - |A| - [428648] - C:\Windows\system32\DTSGainCompensatorDLL64.dll [MD5.BC0474E5476E5EA0D0E1AA5AC41E2061] - [19/06/2016 19:27:39] - |A| - [242792] - C:\Windows\system32\DTSGFXAPO64.dll [MD5.3B8FB5376F5431C0101747D5138BCB9B] - [19/06/2016 19:27:39] - |A| - [241768] - C:\Windows\system32\DTSGFXAPONS64.dll [MD5.B3977C8BA77559F4F8752AE8EB724C87] - [19/06/2016 19:27:39] - |A| - [242792] - C:\Windows\system32\DTSLFXAPO64.dll [MD5.192A03A21636D3775CEE4C049C3BEB2A] - [19/06/2016 19:27:39] - |A| - [432744] - C:\Windows\system32\DTSLimiterDLL64.dll [MD5.2EF5442E8E7ED20F7634EEFB09640C8F] - [19/06/2016 19:27:40] - |A| - [491112] - C:\Windows\system32\DTSNeoPCDLL64.dll [MD5.F7C357462077156DC211AC2112FC8C53] - [19/06/2016 19:27:40] - |A| - [1568360] - C:\Windows\system32\DTSS2HeadphoneDLL64.dll [MD5.F132C08BD8C58579B400DFAA71F34CFB] - [19/06/2016 19:27:40] - |A| - [1756264] - C:\Windows\system32\DTSS2SpeakerDLL64.dll [MD5.9948969B2C1987B1D64789EFEB284A84] - [19/06/2016 19:27:40] - |A| - [712296] - C:\Windows\system32\DTSSymmetryDLL64.dll [MD5.37B8A8089ECED77F6CEAF74917C5D12B] - [19/06/2016 19:27:40] - |A| - [487360] - C:\Windows\system32\DTSU2PGFX64.dll [MD5.8AE860D92752CFA136979B1FF797FFDC] - [19/06/2016 19:27:41] - |A| - [501184] - C:\Windows\system32\DTSU2PLFX64.dll [MD5.A9B98F96FBE514ADEABD20B2BD132172] - [19/06/2016 19:27:41] - |A| - [415680] - C:\Windows\system32\DTSU2PREC64.dll [MD5.DE32448E6B40141C80DAABFF6FBE1744] - [19/06/2016 19:27:41] - |A| - [693352] - C:\Windows\system32\DTSVoiceClarityDLL64.dll [MD5.4BA77A5EF71C14C764B0ED4701683E3E] - [22/06/2016 01:31:12] - |A| - [1632256] - C:\Windows\system32\dwmcore.dll [MD5.FCFCD1101C5DA23B4B95F93D02B2C169] - [22/06/2016 01:30:24] - |A| - [128512] - C:\Windows\system32\dwmredir.dll [MD5.9422A7C7D41E3255286EA0C69FA8C607] - [22/06/2016 01:31:19] - |A| - [1544192] - C:\Windows\system32\DWrite.dll [MD5.7C58DEFD1306691C43837CEC18BC64A3] - [22/06/2016 01:30:07] - |A| - [279552] - C:\Windows\system32\dxdiagn.dll [MD5.F404E59DB6A0F122AB26BF4F3E2FD0FA] - [22/06/2016 01:30:58] - |A| - [658944] - C:\Windows\system32\dxgi.dll [MD5.D027C5FDA1072C099165725AB8A54165] - [22/06/2016 01:29:23] - |A| - [5120] - C:\Windows\system32\dxmasf.dll [MD5.42A9CB6906D9A8BEDC83B57163E62924] - [22/06/2016 01:30:39] - |A| - [459776] - C:\Windows\system32\DXP.dll [MD5.3D991793E642D063508503FE68907BA4] - [22/06/2016 01:30:24] - |A| - [675328] - C:\Windows\system32\DXPTaskRingtone.dll [MD5.D7111757FCB56070D15D37DAD910CC35] - [22/06/2016 01:30:29] - |A| - [1457664] - C:\Windows\system32\DxpTaskSync.dll [MD5.CF19E5E7A3D0673EF3FD3E1FEC1BE995] - [19/06/2016 19:45:34] - |A| - [3114] - C:\Windows\system32\e1d62x64.din [MD5.5F13C76B4B70D838CB21600BBB8E9655] - [19/06/2016 19:45:34] - |A| - [73480] - C:\Windows\system32\e1dmsg.dll [MD5.CF1A231594E1B7D59D9279FAA38AD4C2] - [22/06/2016 01:30:39] - |A| - [348160] - C:\Windows\system32\eapp3hst.dll [MD5.9BDAEBDBDE7B98068F7F59E51476160C] - [22/06/2016 01:29:28] - |A| - [103936] - C:\Windows\system32\eappgnui.dll [MD5.87356377F31DA5F20A833811CD59499C] - [22/06/2016 01:30:34] - |A| - [303616] - C:\Windows\system32\eapphost.dll [MD5.7F8E83B9466A0A002D4AB15C104062A7] - [22/06/2016 01:30:06] - |A| - [304128] - C:\Windows\system32\efscore.dll [MD5.03AB2A2E426C2AD400AC8315226347F8] - [22/06/2016 01:29:29] - |A| - [144896] - C:\Windows\system32\EhStorAPI.dll [MD5.12929BDE96189F4E968AD035573424F0] - [22/06/2016 01:29:28] - |A| - [25600] - C:\Windows\system32\elsTrans.dll [MD5.D95D441EAB70A93C9EEBB114AD38EEE0] - [22/06/2016 01:30:54] - |A| - [722944] - C:\Windows\system32\EncDec.dll [MD5.D63F0353F632FB1EDE724173BE6DB5B5] - [22/06/2016 01:31:21] - |A| - [2565632] - C:\Windows\system32\esent.dll [MD5.35E397D6CA8407B86D8A7972F0C90711] - [22/06/2016 01:30:21] - |A| - [359936] - C:\Windows\system32\eudcedit.exe [MD5.00000000000000000000000000000000] - [22/06/2016 03:00:55] - |D| - [158208] - C:\Windows\system32\EventProviders [MD5.BA9DC5F6E03309B795566122847B8428] - [22/06/2016 01:30:42] - |A| - [630272] - C:\Windows\system32\evr.dll [MD5.EED05D42D91835064703E2318552ED25] - [22/06/2016 01:31:21] - |A| - [1866240] - C:\Windows\system32\ExplorerFrame.dll [MD5.F152755F131ADFE452D534F4E9383590] - [22/06/2016 01:30:21] - |A| - [355328] - C:\Windows\system32\Faultrep.dll [MD5.0A98C4E4975F5D735F8361FFEBF2793D] - [22/06/2016 01:30:41] - |A| - [171520] - C:\Windows\system32\fde.dll [MD5.E5E13FCBD1D247BF4CCD8BE3C7D8A5EA] - [22/06/2016 01:30:22] - |A| - [72192] - C:\Windows\system32\fdeploy.dll [MD5.2A436796758BF2555A26C770FE8A6FEE] - [22/06/2016 01:29:29] - |A| - [74240] - C:\Windows\system32\fdProxy.dll [MD5.6A2E9BBD516D064C925A9634A5632854] - [22/06/2016 01:29:28] - |A| - [71168] - C:\Windows\system32\findstr.exe [MD5.6F1AC6100B372F22709B24CFC9E2CC16] - [22/06/2016 01:30:39] - |A| - [934912] - C:\Windows\system32\FirewallControlPanel.dll [MD5.859E2A5AB0CBD752F9C030D74F55D30C] - [22/06/2016 01:29:28] - |A| - [17920] - C:\Windows\system32\fixmapi.exe [MD5.D42713208E6847C2854963B81BC8AF2E] - [19/06/2016 19:27:42] - |A| - [2770976] - C:\Windows\system32\FMAPO64.dll [MD5.345BC7CADBE91E78B52497EF3B0D910B] - [22/06/2016 01:30:21] - |A| - [116224] - C:\Windows\system32\fms.dll [MD5.B4447F606BB19FD8AD0BAFB59B90F5D9] - [22/06/2016 01:31:13] - |A| - [1137664] - C:\Windows\system32\FntCache.dll [MD5.9613BEA1E1509884EC472A10858EC61D] - [22/06/2016 01:30:15] - |A| - [861184] - C:\Windows\system32\fontext.dll [MD5.B4043658A8AE988AA19001CF9DFCFDF9] - [22/06/2016 01:30:09] - |A| - [100864] - C:\Windows\system32\fontsub.dll [MD5.C6A4A29DD06F38D0045FBE3F3A1DBAD5] - [22/06/2016 01:29:29] - |A| - [121344] - C:\Windows\system32\fphc.dll [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:09] - |D| - [1884160] - C:\Windows\system32\fr [MD5.62D2B05F7426D4735F50DC207D569281] - [22/06/2016 01:30:41] - |A| - [279040] - C:\Windows\system32\framedyn.dll [MD5.1484B9EBF567346582DE571B0E164AE0] - [22/06/2016 01:31:00] - |A| - [295936] - C:\Windows\system32\framedynos.dll [MD5.C07CEEF7737E9101E06CD656192B4BCB] - [22/06/2016 01:29:53] - |A| - [48128] - C:\Windows\system32\ftp.exe [MD5.945E54F23C72D37B8CD1987AF0DB63BF] - [22/06/2016 01:30:45] - |A| - [345600] - C:\Windows\system32\fveapi.dll [MD5.2A37F454D3FBD4D2C79B17C86F894B42] - [22/06/2016 01:30:06] - |A| - [184320] - C:\Windows\system32\fvecpl.dll [MD5.650CAEA856943E29F25A25D31E004B18] - [22/06/2016 01:29:39] - |A| - [623104] - C:\Windows\system32\FXSAPI.dll [MD5.5E2C61BE8E093DBFE7FC37585BE42869] - [22/06/2016 01:30:15] - |A| - [267264] - C:\Windows\system32\FXSCOVER.exe [MD5.19E41CCCEE697CC9465396B370929792] - [22/06/2016 01:29:28] - |A| - [41984] - C:\Windows\system32\FXSMON.dll [MD5.DBEFD454F8318A0EF691FDD2EAAB44EB] - [22/06/2016 01:30:41] - |A| - [689152] - C:\Windows\system32\FXSSVC.exe [MD5.43FA401CF9F3343F5B0CB800909506B5] - [22/06/2016 01:29:28] - |A| - [434688] - C:\Windows\system32\FXSTIFF.dll [MD5.3B1829281D9273D00AEEA7F749A688F9] - [22/06/2016 01:29:24] - |A| - [18432] - C:\Windows\system32\FXSUNATD.exe [MD5.1A481461B004DBAC04C28CF70455A751] - [22/06/2016 01:29:28] - |A| - [57856] - C:\Windows\system32\g711codc.ax [MD5.3504B34CD2DE00BA3CC1A195F1B739BD] - [22/06/2016 01:30:40] - |A| - [2746880] - C:\Windows\system32\gameux.dll [MD5.1084AA52CCC324EA54C7121FA24C2221] - [22/06/2016 01:30:43] - |A| - [403968] - C:\Windows\system32\gdi32.dll [MD5.DC3302590D5D3841CDAF391A282FED06] - [22/06/2016 01:31:11] - |A| - [784896] - C:\Windows\system32\gpprefcl.dll [MD5.277BBC7E1AA1EE957F573A10ECA7EF3A] - [22/06/2016 01:31:13] - |A| - [777728] - C:\Windows\system32\gpsvc.dll [MD5.CFB8C673F9188F99466E76C6972191E0] - [22/06/2016 01:30:33] - |A| - [263040] - C:\Windows\system32\hal.dll [MD5.C418F8085C61D3B6911EE82157CA3775] - [22/06/2016 01:30:07] - |A| - [78848] - C:\Windows\system32\hbaapi.dll [MD5.6A5C1A8AC0B572679361026D0E900420] - [22/06/2016 01:30:22] - |A| - [332288] - C:\Windows\system32\hgcpl.dll [MD5.A0524499F4C63CADA7E1529FC77F5DC1] - [22/06/2016 01:30:52] - |A| - [235008] - C:\Windows\system32\hgprint.dll [MD5.9BB99503D6A4DD62569EDE9E5E2672A5] - [22/06/2016 01:29:29] - |A| - [27136] - C:\Windows\system32\HotStartUserAgent.dll [MD5.F7DC62E68443D27AC248741DF07E451E] - [22/06/2016 01:29:23] - |A| - [482816] - C:\Windows\system32\html.iec [MD5.BCEA9AB347E53BC03B2E36BE0B8BA0EF] - [22/06/2016 01:30:06] - |A| - [45056] - C:\Windows\system32\httpapi.dll [MD5.A6F309DD01DC5BD7BFB3E3C1C413573F] - [22/06/2016 01:30:23] - |A| - [100864] - C:\Windows\system32\iasacct.dll [MD5.047AD05DE61C166A1BED4CF5A9083ED8] - [22/06/2016 01:30:24] - |A| - [217088] - C:\Windows\system32\iasrad.dll [MD5.4C6F525A346E80A8834CE2E7A870B203] - [22/06/2016 01:29:29] - |A| - [198656] - C:\Windows\system32\iasrecst.dll [MD5.98AA082059B23A7378A18B5D01824121] - [22/06/2016 01:29:23] - |A| - [128512] - C:\Windows\system32\IcCoinstall.dll [MD5.D56C13F26ADCB3BC0455DB42883F6E7D] - [22/06/2016 01:30:24] - |A| - [445952] - C:\Windows\system32\iedkcs32.dll [MD5.F1115299B9F4C983BC4523B33E3A506C] - [22/06/2016 01:31:34] - |A| - [12260864] - C:\Windows\system32\ieframe.dll [MD5.6E3155F216665BD375CBEC37F2C14123] - [22/06/2016 01:30:45] - |A| - [252928] - C:\Windows\system32\iepeers.dll [MD5.5180380D353277D395D3B36D790AA93E] - [22/06/2016 01:31:22] - |A| - [2444288] - C:\Windows\system32\iertutil.dll [MD5.E060CAF6D6C303A2C9BC13435F7F81A1] - [22/06/2016 01:29:45] - |A| - [180736] - C:\Windows\system32\ifsutil.dll [MD5.FCD84C381E0140AF901E58D48882D26B] - [22/06/2016 01:31:13] - |A| - [853504] - C:\Windows\system32\IKEEXT.DLL [MD5.B8509DCFCFD577F568BE4026BFD982C0] - [22/06/2016 01:29:28] - |A| - [76800] - C:\Windows\system32\imagehlp.dll [MD5.8130391F82D52D36C0441F714136957F] - [22/06/2016 01:30:41] - |A| - [503296] - C:\Windows\system32\imapi2.dll [MD5.D92420AC58F49F173D7E1CAE32629F3E] - [22/06/2016 01:31:10] - |A| - [1244160] - C:\Windows\system32\imapi2fs.dll [MD5.25833C9289AEA84AE3F552FE7A0B1C19] - [22/06/2016 01:29:29] - |A| - [1148416] - C:\Windows\system32\IMJP10.IME [MD5.FF50D93AAF2C520B43B0910EF2A1838B] - [22/06/2016 01:29:23] - |A| - [457216] - C:\Windows\system32\imkr80.ime [MD5.713DE8F093E17A7342728BC94C4A4D61] - [22/06/2016 01:30:40] - |A| - [976896] - C:\Windows\system32\inetcomm.dll [MD5.FCFF56E69B4961BFB2599E14E7EB7FDE] - [22/06/2016 01:30:22] - |A| - [1538560] - C:\Windows\system32\inetcpl.cpl [MD5.90CC31E54E79E9E5800FFF3CCF2FC5DB] - [22/06/2016 01:29:28] - |A| - [65536] - C:\Windows\system32\inetmib1.dll [MD5.507D5567A0A4EE86C4B0CE2CE1777025] - [22/06/2016 01:30:40] - |A| - [166912] - C:\Windows\system32\inetpp.dll [MD5.70454DC107F93A2261A340E5B89BF052] - [22/06/2016 01:29:40] - |A| - [125440] - C:\Windows\system32\inseng.dll [MD5.2C2FBB6DC3CE8FAF4AB2F7C6C5071C4C] - [22/06/2016 01:30:06] - |A| - [373248] - C:\Windows\system32\intl.cpl [MD5.2B81776DA02017A37FE26C662827470E] - [22/06/2016 01:30:40] - |A| - [145920] - C:\Windows\system32\IPHLPAPI.DLL [MD5.A34A587FFFD45FA649FBA6D03784D257] - [22/06/2016 01:30:41] - |A| - [569344] - C:\Windows\system32\iphlpsvc.dll [MD5.40308014B44489795DA132D3F2CC13DA] - [22/06/2016 01:30:05] - |A| - [281088] - C:\Windows\system32\iprtrmgr.dll [MD5.4F15D75ADF6156BF56ECED6D4A55C389] - [22/06/2016 01:30:41] - |A| - [501248] - C:\Windows\system32\IPSECSVC.DLL [MD5.ED3AF52CE4FFBE152BD27D0B6CE676F5] - [22/06/2016 01:30:52] - |A| - [584192] - C:\Windows\system32\ipsmsnap.dll [MD5.A5C09AA0017428B30BE3423CB84DEB61] - [22/06/2016 01:29:28] - |A| - [152064] - C:\Windows\system32\iscsicli.exe [MD5.22D98BF27F3DAE2B3E9559B9C40D49A1] - [22/06/2016 01:29:46] - |A| - [37376] - C:\Windows\system32\iscsium.dll [MD5.F8051F06E1C4AA3F2EFE4402AF5919B1] - [22/06/2016 01:30:06] - |A| - [91648] - C:\Windows\system32\isoburn.exe [MD5.F024FD214655A287536026B00C08430F] - [22/06/2016 01:29:28] - |A| - [194048] - C:\Windows\system32\itircl.dll [MD5.56840D971042FA448E9F75062BB26DAD] - [22/06/2016 01:30:05] - |A| - [282624] - C:\Windows\system32\iTVData.dll [MD5.5CE9241C030C004FF92037DF8F7401B0] - [22/06/2016 01:30:04] - |A| - [54272] - C:\Windows\system32\iyuv_32.dll [MD5.2D1FFFFB473C60805F53598F77A6E283] - [22/06/2016 01:31:23] - |A| - [919040] - C:\Windows\system32\jscript.dll [MD5.6F7D1601DA55BBE5C7A79E01E236D7B9] - [19/06/2016 19:27:47] - |A| - [603984] - C:\Windows\system32\KAAPORT64.dll [MD5.C1FC0D0BCA806CAD557C7CAF3E78E1DA] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDBASH.DLL [MD5.79F73766D279D1842581EA60D6FD44F1] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDBLR.DLL [MD5.9CB174523429D757DC8B896F5C3967C7] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDBULG.DLL [MD5.77EC39CBFDDD4B54F741B27004882542] - [22/06/2016 01:29:20] - |A| - [8192] - C:\Windows\system32\KBDCZ1.DLL [MD5.A09DB2FEA18B9652F8D20B5CAEB5A44E] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\system32\KBDGEO.DLL [MD5.14232FB0BCBB446352C37CF3260FC3E4] - [22/06/2016 01:29:21] - |A| - [8192] - C:\Windows\system32\KBDGKL.DLL [MD5.166930BF9AC87B8DC52EC4F77821D4B1] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\system32\KBDGR1.DLL [MD5.B64E6DA93066E6DCECB046E3E75C61A5] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\system32\KBDINBEN.DLL [MD5.AD20BF819D5C52F36CAAAE33EFB2AC14] - [22/06/2016 01:29:06] - |A| - [7168] - C:\Windows\system32\KBDINHIN.DLL [MD5.C3E6B50E73E2212C3A2768054F9A523B] - [22/06/2016 01:29:06] - |A| - [7168] - C:\Windows\system32\KBDINKAN.DLL [MD5.46302663F2E25F9877A10BC9F1E619D6] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDINMAR.DLL [MD5.C6E8BA35B529D33E2056C4922CC11336] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDINORI.DLL [MD5.1F9860C03FAC9A1052C96837649D7723] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\system32\KBDINTAM.DLL [MD5.59825A3288FDEC4D00FF99ADBD77AD79] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDINTEL.DLL [MD5.0BC9A864E8AC046A85613C451699D91A] - [22/06/2016 01:29:21] - |A| - [8192] - C:\Windows\system32\kbdlk41a.dll [MD5.4E1EED4AC7C69E33BA461E68F748EFA0] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDLT1.DLL [MD5.28E9FE419779A4DB32F841CE8B572139] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDMAORI.DLL [MD5.3C6085842F154C350213511B0D3E381A] - [22/06/2016 01:29:20] - |A| - [7168] - C:\Windows\system32\KBDMON.DLL [MD5.757BDC7D5870E23A83DAD7EB9132C6BE] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\system32\KBDNEPR.DLL [MD5.4B1D11E789F27C99B7D18F7765E256C1] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\system32\KBDPO.DLL [MD5.6DFF455CE6D7338F9146578BE21594C2] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\system32\KBDSF.DLL [MD5.4572948BA797E6EE4D33B5B55A98A099] - [22/06/2016 01:29:21] - |A| - [8192] - C:\Windows\system32\KBDSG.DLL [MD5.6132CBC243CAB9B5462ED4419DAF3ECE] - [22/06/2016 01:29:20] - |A| - [7168] - C:\Windows\system32\KBDTAJIK.DLL [MD5.110B1CB812D2A7208FC366654ABB80CE] - [22/06/2016 01:29:21] - |A| - [8192] - C:\Windows\system32\KBDTUF.DLL [MD5.35701AA2A2B63A97714B1016374E0557] - [22/06/2016 01:29:21] - |A| - [8192] - C:\Windows\system32\KBDTUQ.DLL [MD5.174E2AF0968A86D5FBFA7B00C79677B6] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\system32\KBDTURME.DLL [MD5.AE3821CB2E8CF9F6FB04ECA83E7A3C34] - [22/06/2016 01:29:20] - |A| - [7168] - C:\Windows\system32\KBDUGHR1.DLL [MD5.78523A26F5604C0568FE9D1CE86E36F4] - [22/06/2016 01:29:20] - |A| - [7168] - C:\Windows\system32\KBDUS.DLL [MD5.65D57212965A93FE78E41E3998BB97AD] - [22/06/2016 01:31:13] - |A| - [715264] - C:\Windows\system32\kerberos.dll [MD5.7A6326D96D53048FDEC542DF23D875A0] - [22/06/2016 01:31:13] - |A| - [1161216] - C:\Windows\system32\kernel32.dll [MD5.DA68C291B4EF2DEC9C5963266BCAE454] - [22/06/2016 01:31:11] - |A| - [419840] - C:\Windows\system32\KernelBase.dll [MD5.387E72E739E15E3D37907A86D9FF98E2] - [22/06/2016 01:29:28] - |A| - [90624] - C:\Windows\system32\KMSVC.DLL [MD5.2D66F79983F266621E6450E08A536DAD] - [22/06/2016 01:30:09] - |A| - [250880] - C:\Windows\system32\ksproxy.ax [MD5.90C06682302B3F911EA22211A2FFC6ED] - [22/06/2016 01:29:53] - |A| - [102912] - C:\Windows\system32\kstvtune.ax [MD5.B84CB0F6C83F5D515570334AC505720C] - [22/06/2016 01:29:35] - |A| - [133120] - C:\Windows\system32\Kswdmcap.ax [MD5.5F7C94678DAE6EF130CDDC1BBDC1738E] - [22/06/2016 01:30:05] - |A| - [66048] - C:\Windows\system32\ksxbar.ax [MD5.ABBEC8D6CC5C610877BF98D99F4B4413] - [22/06/2016 01:30:21] - |A| - [57856] - C:\Windows\system32\licmgr10.dll [MD5.EFDFB3DD38A4376F93E7985173813ABD] - [22/06/2016 01:30:22] - |A| - [232448] - C:\Windows\system32\ListSvc.dll [MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - [22/06/2016 01:31:04] - |A| - [419880] - C:\Windows\system32\locale.nls [MD5.77FD3C1F628FDA66DEA1D8234CEC7E52] - [22/06/2016 01:30:41] - |A| - [551936] - C:\Windows\system32\localsec.dll [MD5.89B89AE23491F5D4E338499A3D568269] - [22/06/2016 01:31:02] - |A| - [955904] - C:\Windows\system32\localspl.dll [MD5.9BAC981F66940ACFF5469D15B769E056] - [22/06/2016 01:29:29] - |A| - [104448] - C:\Windows\system32\logman.exe [MD5.D599A5E49043569C89804128ECBDA25C] - [22/06/2016 01:29:28] - |A| - [21504] - C:\Windows\system32\logoff.exe [MD5.8FFE297B8449386E7B6851458B6E474E] - [22/06/2016 01:30:21] - |A| - [186880] - C:\Windows\system32\logoncli.dll [MD5.715F03B4C7223349768013EA95D9E5B7] - [22/06/2016 01:29:24] - |A| - [27648] - C:\Windows\system32\LogonUI.exe [MD5.50D28F3F8B7C17056520C80A29EFE17C] - [22/06/2016 01:30:54] - |A| - [653312] - C:\Windows\system32\lpksetup.exe [MD5.9F84806B3991D338FFDFC4ECF86A6923] - [22/06/2016 01:31:11] - |A| - [1447936] - C:\Windows\system32\lsasrv.dll [MD5.4701D95AF656720C651519FDDA19EA34] - [22/06/2016 01:31:04] - |A| - [53248] - C:\Windows\system32\LSCSHostPolicy.dll [MD5.9662EE182644511439F1C53745DC1C88] - [22/06/2016 01:30:58] - |A| - [343040] - C:\Windows\system32\lsm.exe [MD5.988121D083B7AB61D4A7E244290BAAB0] - [22/06/2016 01:30:22] - |A| - [50176] - C:\Windows\system32\lsmproxy.dll [MD5.35C2F5EE281D0CC00B6185435EE6D1A7] - [22/06/2016 01:29:28] - |A| - [48640] - C:\Windows\system32\luainstall.dll [MD5.6E90B7A6C66355AA8DDC5CABF6073DE1] - [22/06/2016 01:29:45] - |A| - [497664] - C:\Windows\system32\main.cpl [MD5.0B0A8CE57A798231C0B6E4F7ABBFE5D1] - [22/06/2016 01:29:28] - |A| - [79872] - C:\Windows\system32\manage-bde.exe [MD5.8F4BB0CFECED925D440ABC2481278360] - [22/06/2016 01:29:47] - |A| - [91648] - C:\Windows\system32\mapi32.dll [MD5.8F4BB0CFECED925D440ABC2481278360] - [22/06/2016 01:29:47] - |A| - [91648] - C:\Windows\system32\mapistub.dll [MD5.75616F8DB5C092A8A50AFEC273859DD7] - [19/06/2016 19:27:49] - |A| - [318808] - C:\Windows\system32\MaxxAudioAPO20.dll [MD5.06080807E61471A18AD99F3E6FF3C9B5] - [19/06/2016 19:27:49] - |A| - [663296] - C:\Windows\system32\MaxxAudioAPO30.dll [MD5.F6CEC11F21748F73B41DC5B15F8680C5] - [19/06/2016 19:27:49] - |A| - [1419376] - C:\Windows\system32\MaxxAudioAPO4064.dll [MD5.2EDD56DF9AF0EE999D0262FA910F033B] - [19/06/2016 19:27:49] - |A| - [1419376] - C:\Windows\system32\MaxxAudioAPO5064.dll [MD5.CFD0F926ADB979605FDEC148741DB2F7] - [19/06/2016 19:27:50] - |A| - [2319960] - C:\Windows\system32\MaxxAudioAPO6064.dll [MD5.5569CE8D7A4E362EC68F8C1DD8AEB3C5] - [19/06/2016 19:27:50] - |A| - [1033304] - C:\Windows\system32\MaxxAudioAPOShell64.dll [MD5.E66E3CB8375C8F03E68C7488D3833FE8] - [19/06/2016 19:27:51] - |A| - [2037336] - C:\Windows\system32\MaxxAudioEQ64.dll [MD5.E7AFD2E336ACD9E28CAE71437BA48FE8] - [19/06/2016 19:27:52] - |A| - [1932888] - C:\Windows\system32\MaxxAudioRealtek264.dll [MD5.3F33275C54D601C38078A01FBB78D5DE] - [19/06/2016 19:27:53] - |A| - [14737496] - C:\Windows\system32\MaxxAudioRealtek64.dll [MD5.14434CB334AEBFABF024EA2B8F098A48] - [19/06/2016 19:27:56] - |A| - [28310104] - C:\Windows\system32\MaxxAudioVnA64.dll [MD5.0E1582F11CA0E417BC7AE6D1B83F4B5E] - [19/06/2016 19:28:01] - |A| - [3923032] - C:\Windows\system32\MaxxAudioVnN64.dll [MD5.581778867AEB80C4366057B3DE1DC4D0] - [19/06/2016 19:28:02] - |A| - [1313904] - C:\Windows\system32\MaxxSpeechAPO64.dll [MD5.6697E2E2A7AA44BC03E3C953E641EBE6] - [19/06/2016 19:28:02] - |A| - [938608] - C:\Windows\system32\MaxxVoiceAPO2064.dll [MD5.9318BDE606B6BD1FBC9264D28F7E259C] - [19/06/2016 19:28:02] - |A| - [12793944] - C:\Windows\system32\MaxxVoiceAPO3064.dll [MD5.587A8CF457604D84266FF858CEB60223] - [19/06/2016 19:28:05] - |A| - [662784] - C:\Windows\system32\MaxxVolumeSDAPO.dll [MD5.FA4C36B574BF387D9582ED2C54A347A8] - [22/06/2016 01:30:09] - |A| - [957440] - C:\Windows\system32\mblctr.exe [MD5.8CA406EF4805B7097D3E5CED50540A50] - [22/06/2016 01:30:52] - |A| - [272896] - C:\Windows\system32\mcbuilder.exe [MD5.89C92686DED63EEAF1DB03F97A1898F2] - [22/06/2016 01:30:09] - |A| - [433512] - C:\Windows\system32\MCEWMDRMNDBootstrap.dll [MD5.E674F9D3B685167F6C83EAE8BEF7F567] - [22/06/2016 01:29:28] - |A| - [41472] - C:\Windows\system32\mciqtz32.dll [MD5.C37D1BCE87EE81C17EE602F1391DDE48] - [22/06/2016 01:30:42] - |A| - [1009152] - C:\Windows\system32\mcmde.dll [MD5.06CBA28981689B96B1E6A16F463F2260] - [22/06/2016 01:31:20] - |A| - [299392] - C:\Windows\system32\mcupdate_GenuineIntel.dll [MD5.0BE09CD858ABF9DF6ED259D57A1A1663] - [22/06/2016 01:29:34] - |A| - [84992] - C:\Windows\system32\Mcx2Svc.dll [MD5.3EEC0FB1DDD317AA1E8933B912439736] - [22/06/2016 01:29:35] - |A| - [146944] - C:\Windows\system32\MdSched.exe [MD5.4179D7F2872EA3BCB6A2BE95340D2FAA] - [22/06/2016 01:30:06] - |A| - [345600] - C:\Windows\system32\MediaMetadataHandler.dll [MD5.20ECAC7791DCBA69121631CB627E5A96] - [22/06/2016 01:31:24] - |A| - [4120064] - C:\Windows\system32\mf.dll [MD5.54C0E2C37436A15DA2CC40FDA742E2F5] - [22/06/2016 01:30:52] - |A| - [381440] - C:\Windows\system32\mfds.dll [MD5.AAFAF68D1A450325DA58D9EAD997B427] - [22/06/2016 01:30:05] - |A| - [240640] - C:\Windows\system32\MFPlay.dll [MD5.7C932706EC416BCFC2FB9DB66D823643] - [22/06/2016 01:29:50] - |A| - [206848] - C:\Windows\system32\mfps.dll [MD5.E8706A051BFFC9DA9E9B935AAA432AAC] - [22/06/2016 01:30:41] - |A| - [257024] - C:\Windows\system32\mfreadwrite.dll [MD5.98BB7E40685F7F79C20E2ABA93818346] - [22/06/2016 01:30:22] - |A| - [41472] - C:\Windows\system32\mimefilt.dll [MD5.B6DBCBB878A3BE0B48E8F5045CB9CA9D] - [19/06/2016 19:27:49] - |A| - [906800] - C:\Windows\system32\MISS_APO.dll [MD5.9E3C848BBDB5521271B3B038ECE8CC88] - [22/06/2016 01:31:25] - |A| - [3205120] - C:\Windows\system32\mmcndmgr.dll [MD5.649F5F47EA85C08AEE9353CEEF810233] - [22/06/2016 01:30:34] - |A| - [850944] - C:\Windows\system32\mmsys.cpl [MD5.509E88FF7B257885775791FAF0965D6A] - [22/06/2016 01:29:28] - |A| - [102400] - C:\Windows\system32\mobsync.exe [MD5.14DBF43745F54326CBBC7211750B6D20] - [22/06/2016 01:30:06] - |A| - [104960] - C:\Windows\system32\Mpeg2Data.ax [MD5.1928FCD320E7410A113B1AE49A77C236] - [22/06/2016 01:30:22] - |A| - [258560] - C:\Windows\system32\mpg2splt.ax [MD5.2DF29664ED261F0FC448E58F338F0671] - [22/06/2016 01:30:39] - |A| - [221184] - C:\Windows\system32\mprapi.dll [MD5.621B74BFCE49F9372AED2859FD87343C] - [22/06/2016 01:30:15] - |A| - [211456] - C:\Windows\system32\mprddm.dll [MD5.4736827FD818C5BE482C188A7D27FA93] - [19/06/2016 20:39:00] - |N| - [484008] - C:\Windows\system32\MpSigStub.exe [MD5.54FFC9C8898113ACE189D4AA7199D2C1] - [22/06/2016 01:31:14] - |A| - [828416] - C:\Windows\system32\MPSSVC.dll [MD5.8699D60D780483F2A1B6B35EF967A78A] - [22/06/2016 01:30:07] - |A| - [268288] - C:\Windows\system32\MSAC3ENC.DLL [MD5.884415BD4269C02EAF8E2613BF85500D] - [22/06/2016 01:30:24] - |A| - [46592] - C:\Windows\system32\msasn1.dll [MD5.1834B31C749B86DAC233BBBA1C03BC48] - [22/06/2016 01:30:39] - |A| - [625664] - C:\Windows\system32\mscms.dll [MD5.E19D102BAF266F34592F7C742FBFA886] - [22/06/2016 01:30:22] - |A| - [300032] - C:\Windows\system32\msconfig.exe [MD5.A08C010D859F8EB42BDD7E1D55B8CA27] - [22/06/2016 01:31:25] - |A| - [444752] - C:\Windows\system32\mscoree.dll [MD5.9697D0C831C3D33EAA22D3454554638A] - [22/06/2016 01:30:20] - |A| - [154960] - C:\Windows\system32\mscorier.dll [MD5.558C42D165DB5799B4072DC0A9C27C0B] - [22/06/2016 01:29:28] - |A| - [35840] - C:\Windows\system32\msdmo.dll [MD5.D38535978F93F9FC9F28BE6093A87DBE] - [22/06/2016 01:30:40] - |A| - [552960] - C:\Windows\system32\msdri.dll [MD5.52D30D72E4833CDC3B49B60498766486] - [22/06/2016 01:31:02] - |A| - [457216] - C:\Windows\system32\msdrm.dll [MD5.80F720E3C6B85A5FA9F359F881510880] - [22/06/2016 01:31:00] - |A| - [1509888] - C:\Windows\system32\msdtctm.dll [MD5.A88D5A2FA2B16934A74C4B1138676560] - [22/06/2016 01:29:29] - |A| - [75776] - C:\Windows\system32\MSDvbNP.ax [MD5.D027C5FDA1072C099165725AB8A54165] - [22/06/2016 01:29:23] - |A| - [5120] - C:\Windows\system32\msdxm.ocx [MD5.7A3B0B61574E7A78534E55344EFA7DEF] - [22/06/2016 01:31:08] - |A| - [702464] - C:\Windows\system32\msfeeds.dll [MD5.E5BE95454ACC06415C8C58FDAB6DD2A4] - [22/06/2016 01:30:05] - |A| - [82944] - C:\Windows\system32\msfeedsbs.dll [MD5.E5285C0E295E2F5A522EE79C7F7A15CA] - [22/06/2016 01:29:28] - |A| - [12288] - C:\Windows\system32\msfeedssync.exe [MD5.1EAC1A8CA6874BF5B15E2EFB9A9A7B86] - [22/06/2016 01:30:23] - |A| - [799744] - C:\Windows\system32\msftedit.dll [MD5.1C8B787BAA52DEAD1A6FEC1502D652F0] - [22/06/2016 01:31:42] - |A| - [8988160] - C:\Windows\system32\mshtml.dll [MD5.837C657B122B77C6E33FA0D4C9903B1F] - [22/06/2016 01:30:05] - |A| - [97280] - C:\Windows\system32\mshtmled.dll [MD5.6A16BCE3C09496650BE881C467611653] - [22/06/2016 01:30:39] - |A| - [3211776] - C:\Windows\system32\msi.dll [MD5.67C5556E2A9F0F9FFB5FC40A8761FABB] - [22/06/2016 01:30:07] - |A| - [335360] - C:\Windows\system32\msieftp.dll [MD5.A190DA6546501CB4146BBCC0B6A3F48B] - [22/06/2016 01:29:58] - |A| - [128000] - C:\Windows\system32\msiexec.exe [MD5.D291620D4C51C5F5FFA62CCDC52C5C13] - [22/06/2016 01:30:40] - |A| - [378880] - C:\Windows\system32\msinfo32.exe [MD5.28A7D7C7E2FDD1D55F12F750CD6331EC] - [22/06/2016 01:30:25] - |A| - [1160192] - C:\Windows\system32\MSMPEG2ENC.DLL [MD5.AF1CCAFDAF72439B123A37BD6509F19E] - [22/06/2016 01:29:29] - |A| - [325632] - C:\Windows\system32\msnetobj.dll [MD5.B862B1040C5D9843678ECEA8EB4099C0] - [22/06/2016 01:30:42] - |A| - [288256] - C:\Windows\system32\MSNP.ax [MD5.5A9290C6413880C3C109522124AB0981] - [22/06/2016 01:30:40] - |A| - [571904] - C:\Windows\system32\mspbda.dll [MD5.45989C268EC2CC9EEA80030AF96CDA5A] - [22/06/2016 01:29:47] - |A| - [16384] - C:\Windows\system32\msrle32.dll [MD5.D1353DE9899D713C2875B9731DD2A489] - [22/06/2016 01:30:05] - |A| - [641024] - C:\Windows\system32\msscp.dll [MD5.94D74880B59751661B7A7CF11BAEC9B3] - [22/06/2016 01:29:29] - |A| - [288256] - C:\Windows\system32\mssphtb.dll [MD5.017F5CE9BC2333FE0FB738B0A9C13C2F] - [22/06/2016 01:31:25] - |A| - [2223616] - C:\Windows\system32\mssrch.dll [MD5.A455A0BB8F206667FECA96B9B905875B] - [22/06/2016 01:30:54] - |A| - [778752] - C:\Windows\system32\mssvp.dll [MD5.862596399AAFD2A21DB2AF9270CD4F70] - [22/06/2016 01:29:34] - |A| - [238080] - C:\Windows\system32\mstask.dll [MD5.F4B0CD6B1D9490A86F60C142F68687CC] - [22/06/2016 01:31:12] - |A| - [1026560] - C:\Windows\system32\mstime.dll [MD5.50F739538EF014B2E7EC59431749D838] - [22/06/2016 01:31:11] - |A| - [1116672] - C:\Windows\system32\mstsc.exe [MD5.0A56ED57B8A7D5CE903613B5DBFD535D] - [22/06/2016 01:31:35] - |A| - [3715584] - C:\Windows\system32\mstscax.dll [MD5.EF12B8385AA2849999008A977918F96B] - [22/06/2016 01:31:10] - |A| - [312320] - C:\Windows\system32\msv1_0.dll [MD5.69A4347A8EAD86185EFF2F75755176E6] - [22/06/2016 01:30:05] - |A| - [38912] - C:\Windows\system32\msvidc32.dll [MD5.0191E738BF521FE6EC567148E73C086B] - [22/06/2016 01:31:27] - |A| - [3650560] - C:\Windows\system32\MSVidCtl.dll [MD5.1D5185A4C7E6695431AE4B55C3D7D333] - [22/06/2016 01:30:57] - |A| - [326144] - C:\Windows\system32\mswsock.dll [MD5.022B05CEE68D7826A93AEDB4F1EB369E] - [22/06/2016 01:31:20] - |A| - [1881088] - C:\Windows\system32\msxml3.dll [MD5.5C29199C9F0EDE64F17F268084EC4392] - [22/06/2016 01:31:13] - |A| - [2004480] - C:\Windows\system32\msxml6.dll [MD5.B94D3DACCF5882B697A1C53D00BE643A] - [22/06/2016 01:29:48] - |A| - [25600] - C:\Windows\system32\msyuv.dll [MD5.ACB4F32174EB5066D4684369CEA925E9] - [22/06/2016 01:30:22] - |A| - [372736] - C:\Windows\system32\mtxclu.dll [MD5.AE55B3FC3D29593A9CEBA5909AB4A346] - [22/06/2016 01:29:43] - |A| - [16896] - C:\Windows\system32\muifontsetup.dll [MD5.3DC7F21CF94CC930E7E8F63D4AEBA71A] - [22/06/2016 01:29:28] - |A| - [51712] - C:\Windows\system32\MultiDigiMon.exe [MD5.C8994E2703410F8DFE19DE5BF82994C0] - [22/06/2016 01:29:28] - |A| - [143360] - C:\Windows\system32\mydocs.dll [MD5.17E6B6B2ADA2630E01EAE9F9AC7A1D63] - [22/06/2016 01:29:45] - |A| - [242688] - C:\Windows\system32\Mystify.scr [MD5.F43841270CEEF8CC08B545ABB56FDF56] - [19/06/2016 19:28:05] - |A| - [5752072] - C:\Windows\system32\NAHIMICAPOlfx.dll [MD5.8CFB497C0C8F70132A4F678E848241B2] - [19/06/2016 19:28:05] - |A| - [942384] - C:\Windows\system32\NAHIMICAPOSettingsIPC.dll [MD5.E0773633E4193B183FB396192581BD86] - [22/06/2016 01:29:40] - |A| - [50176] - C:\Windows\system32\NAPCRYPT.DLL [MD5.85CD6797A4EDE1E3E0378DCBDF227CF0] - [22/06/2016 01:29:24] - |A| - [72192] - C:\Windows\system32\napdsnap.dll [MD5.A302DA1404664CEF1D416ED4DE49EA2B] - [22/06/2016 01:29:58] - |A| - [133632] - C:\Windows\system32\NAPHLPR.DLL [MD5.AFA10DB13B9A0537297AEEF2CD66352F] - [22/06/2016 01:30:21] - |A| - [1077248] - C:\Windows\system32\Narrator.exe [MD5.01E2855FB06C422E721D890AF201C2D7] - [22/06/2016 01:31:20] - |A| - [1326080] - C:\Windows\system32\NaturalLanguage6.dll [MD5.FEB91B4DA0D540865260A33838654FA3] - [22/06/2016 01:30:21] - |A| - [90112] - C:\Windows\system32\nci.dll [MD5.6140A1493EC6FFFE2DF350EA0E9A7D8B] - [22/06/2016 01:30:06] - |A| - [66048] - C:\Windows\system32\ncryptui.dll [MD5.4A435F95B940E93A88FEC144BD409789] - [22/06/2016 01:31:02] - |A| - [210944] - C:\Windows\system32\ncsi.dll [MD5.3B6928BC39E5530CEAD1E99269E7B1EE] - [22/06/2016 01:29:53] - |A| - [152064] - C:\Windows\system32\net1.exe [MD5.764908FE1FA96F93C95B1B67A0FCED29] - [22/06/2016 01:29:29] - |A| - [72704] - C:\Windows\system32\netapi32.dll [MD5.56BEB546F3F6EEAAAD5759E0B32E7C58] - [22/06/2016 01:30:23] - |A| - [1689600] - C:\Windows\system32\netcenter.dll [MD5.03706015DB44368375AEBE6339490E66] - [22/06/2016 01:30:59] - |A| - [519680] - C:\Windows\system32\netcfgx.dll [MD5.F4EA461A9DDF4861A0BDE2B0DD5645BA] - [22/06/2016 01:30:41] - |A| - [324096] - C:\Windows\system32\netdiagfx.dll [MD5.0F02C3FF97EAB0D8295854D6C4F82BEE] - [22/06/2016 01:31:43] - |A| - [48976] - C:\Windows\system32\netfxperf.dll [MD5.2F1A635997A0E86AAF99F974E72905B1] - [22/06/2016 01:30:40] - |A| - [165376] - C:\Windows\system32\netid.dll [MD5.0FE14E3B3C0DAA77DFB5B60E1D274D6F] - [22/06/2016 01:30:22] - |A| - [215552] - C:\Windows\system32\netiohlp.dll [MD5.C6505DE3561537BA1004D638C2F93F2F] - [22/06/2016 01:30:21] - |A| - [188928] - C:\Windows\system32\netjoin.dll [MD5.AA339DD8BB128EF66660DFBBB59043D3] - [22/06/2016 01:31:10] - |A| - [695808] - C:\Windows\system32\netlogon.dll [MD5.4659DD732B02A7593469882ACEF1BFF6] - [22/06/2016 01:30:06] - |A| - [193024] - C:\Windows\system32\netplwiz.dll [MD5.A42F2C1EB3B66C54FB3C7B79D30C1A6D] - [22/06/2016 01:31:00] - |A| - [2652160] - C:\Windows\system32\netshell.dll [MD5.6CECA4C6A489C9B2E6073AFDAAE3F607] - [22/06/2016 01:29:40] - |A| - [29184] - C:\Windows\system32\netutils.dll [MD5.405F4D32D2185F1F1BD753D8EEAFFB3A] - [22/06/2016 01:29:53] - |A| - [1672704] - C:\Windows\system32\networkexplorer.dll [MD5.D2D30DAC4DE4EC8BF09564BB51915263] - [22/06/2016 01:30:06] - |A| - [2146816] - C:\Windows\system32\networkmap.dll [MD5.4AA441F4AD7491BDB2162F87A1DA6A3A] - [19/06/2016 19:45:34] - |A| - [36472] - C:\Windows\system32\NicCo36.dll [MD5.C7B3A7B22FBC5957E061C0557676577E] - [19/06/2016 19:45:32] - |A| - [89888] - C:\Windows\system32\NicInstD.dll [MD5.2DF36F15B2BC1571A6A542A3C2107920] - [22/06/2016 01:30:24] - |A| - [70656] - C:\Windows\system32\nlaapi.dll [MD5.1EE99A89CC788ADA662441D1E9830529] - [22/06/2016 01:30:59] - |A| - [303616] - C:\Windows\system32\nlasvc.dll [MD5.36917E19EDABCC37054C6F2FD27DB6FC] - [22/06/2016 01:29:06] - |A| - [69120] - C:\Windows\system32\nlsbres.dll [MD5.B23E4D796A3FEB91241A806EC18D5C32] - [22/06/2016 01:29:32] - |A| - [395776] - C:\Windows\system32\nltest.exe [MD5.B73A6E4B319AFFE64582AC5C1801BB3F] - [22/06/2016 01:29:29] - |A| - [15360] - C:\Windows\system32\nrpsrv.dll [MD5.97BA1A7979EB66F4E8E95270854DFBDC] - [22/06/2016 01:30:21] - |A| - [455168] - C:\Windows\system32\nshipsec.dll [MD5.891C5270AFE8A69366702C88F3E24768] - [22/06/2016 01:29:58] - |A| - [109568] - C:\Windows\system32\nslookup.exe [MD5.3556D5A8BF2CC508BDAB51DEC38D7C61] - [22/06/2016 01:31:25] - |A| - [1731936] - C:\Windows\system32\ntdll.dll [MD5.BC566D17914B07ABAAB3A5A385CC3300] - [22/06/2016 01:30:05] - |A| - [129536] - C:\Windows\system32\ntlanman.dll [MD5.D60D9BCEAE5870A67E6C167F4681877B] - [20/06/2016 23:23:52] - |A| - [5562240] - C:\Windows\system32\ntoskrnl.exe [MD5.FDC385A0F7D7DD880C4622D1DF08ABE9] - [22/06/2016 01:29:57] - |A| - [344576] - C:\Windows\system32\ntprint.dll [MD5.7BBF670114373CE6A203FA155A9E0D0A] - [22/06/2016 01:30:39] - |A| - [509952] - C:\Windows\system32\ntshrui.dll [MD5.78B1DD0BE630C276E98347088A76CE30] - [19/06/2016 21:19:49] - |A| - [594] - C:\Windows\system32\nv-vk64.json [MD5.F3551E46FC2C9655D660AF6C2B4C2864] - [19/06/2016 21:21:43] - |A| - [534072] - C:\Windows\system32\nv3dappshext.dll [MD5.AB7073587957C38A79DA522B1B5D7D0A] - [19/06/2016 21:21:43] - |A| - [81856] - C:\Windows\system32\nv3dappshextr.dll [MD5.619623F7F985D7253088E470A8363364] - [19/06/2016 20:48:53] - |A| - [3825896] - C:\Windows\system32\nvapi64.dll [MD5.FDAEA352F1D8ED10AA1404B8AD9B6F50] - [19/06/2016 20:51:11] - |A| - [113216] - C:\Windows\system32\nvaudcap64v.dll [MD5.34A4698BB1C2E37302E82B08E03FA944] - [19/06/2016 21:19:49] - |A| - [39979576] - C:\Windows\system32\nvcompiler.dll [MD5.05F9BC4F2B01B2948184A0BEE70B38C0] - [19/06/2016 20:50:22] - |A| - [6452948] - C:\Windows\system32\nvcoproc.bin [MD5.E6BFB364C75EA4E0F956843BC597AE7B] - [19/06/2016 20:50:22] - |A| - [6362560] - C:\Windows\system32\nvcpl.dll [MD5.09A959DB8414D20EB595C22E84C4DC5F] - [19/06/2016 21:19:49] - |A| - [21346712] - C:\Windows\system32\nvcuda.dll [MD5.D8B2E3472A8954AD8C123A94B7C8D7F5] - [19/06/2016 21:19:49] - |A| - [3512888] - C:\Windows\system32\nvcuvid.dll [MD5.BA541ACA0022F3739892F61DAD4C39CB] - [19/06/2016 21:19:49] - |A| - [17290416] - C:\Windows\system32\nvd3dumx.dll [MD5.DBFA932A5F59CB9B61F7BE5675539B52] - [19/06/2016 20:49:56] - |A| - [1898128] - C:\Windows\system32\nvdispco6435362.dll [MD5.A97106F1CC9DCD4A7B6BF0D554292F05] - [19/06/2016 21:19:49] - |A| - [1922616] - C:\Windows\system32\nvdispco6436839.dll [MD5.FEB8A1452275D09A13245C3E0FB90310] - [19/06/2016 20:49:56] - |A| - [1557648] - C:\Windows\system32\nvdispgenco6435362.dll [MD5.4D9F9754BF427EA72B72EB6D65EDB0E0] - [19/06/2016 21:19:49] - |A| - [1571776] - C:\Windows\system32\nvdispgenco6436839.dll [MD5.4B7827B4B511DC03105C367A907922CB] - [19/06/2016 21:19:49] - |A| - [502080] - C:\Windows\system32\nvEncodeAPI64.dll [MD5.86A698106F3C3426ADD58220FAC4D55C] - [19/06/2016 21:19:49] - |A| - [669952] - C:\Windows\system32\nvfatbinaryLoader.dll [MD5.538AB538D3B2C44F610B2FE84B339B1F] - [19/06/2016 21:19:49] - |A| - [985144] - C:\Windows\system32\NvFBC64.dll [MD5.700BB5E42A4D3F361EA0627519F547E0] - [19/06/2016 21:19:49] - |A| - [1581624] - C:\Windows\system32\nvhdagenco64.dll [MD5.2905530015375E6E8AD8820B877EE6CE] - [19/06/2016 20:50:39] - |A| - [1567576] - C:\Windows\system32\nvhdagenco6420103.dll [MD5.8848D5DBFA0AF589FEFE0334B6FC30EB] - [19/06/2016 21:19:49] - |A| - [46024] - C:\Windows\system32\nvhdap64.dll [MD5.298C076A9F7E44988D2D290588D98B8A] - [19/06/2016 21:19:49] - |A| - [908736] - C:\Windows\system32\NvIFR64.dll [MD5.BC251536851AC22184176FA22E38DF47] - [19/06/2016 21:19:49] - |A| - [425016] - C:\Windows\system32\NvIFROpenGL.dll [MD5.4F153F9409A90986E89C73A6B30202A1] - [19/06/2016 20:49:56] - |A| - [39124] - C:\Windows\system32\nvinfo.pb [MD5.7FFF54E259B0243F94AD7E3DACB0F34E] - [19/06/2016 21:19:49] - |A| - [178136] - C:\Windows\system32\nvinitx.dll [MD5.A60A8FEADD41D01836C14683B4EBBFA4] - [19/06/2016 20:50:22] - |A| - [392128] - C:\Windows\system32\nvmctray.dll [MD5.2015D9F67A405112B08ABC03D39276C0] - [19/06/2016 21:19:49] - |A| - [153416] - C:\Windows\system32\nvoglshim64.dll [MD5.38CDD45BD4E985CC66DF3323524761B4] - [19/06/2016 21:19:49] - |A| - [31603768] - C:\Windows\system32\nvoglv64.dll [MD5.CA52286DCBFA4D838235E9C8990370D4] - [19/06/2016 21:19:49] - |A| - [21802280] - C:\Windows\system32\nvopencl.dll [MD5.EB30793E77717F6F924F36EA6213CCEF] - [19/06/2016 21:19:49] - |A| - [10643240] - C:\Windows\system32\nvptxJitCompiler.dll [MD5.B537BF43DB70CB9B316BEC73A59AED9F] - [20/06/2016 01:20:57] - |A| - [112032] - C:\Windows\system32\NvRtmpStreamer64.dll [MD5.A8ED357AE7A62E6ECF26F677FEA11386] - [19/06/2016 20:50:22] - |A| - [71224] - C:\Windows\system32\nvshext.dll [MD5.6DE210F9D4CCE5DE59940FF4C9D7F2FF] - [19/06/2016 20:51:23] - |A| - [1756608] - C:\Windows\system32\nvspbridge64.dll [MD5.AF39EF1233B33749B69A8FE07ABFD3E6] - [19/06/2016 20:51:23] - |A| - [1767944] - C:\Windows\system32\nvspcap64.dll [MD5.7BAA37D6763911716FD4F8F811654021] - [19/06/2016 20:50:22] - |A| - [2453952] - C:\Windows\system32\nvsvc64.dll [MD5.09D3943BC65D2060DA5C30C40B2AD173] - [19/06/2016 20:50:22] - |A| - [1764408] - C:\Windows\system32\nvsvcr.dll [MD5.B1B0E56F28AEBACC15F8A950C41F0157] - [19/06/2016 21:19:49] - |A| - [476664] - C:\Windows\system32\nvumdshimx.dll [MD5.27F1E6074709F1BEFE011DDEA6A11373] - [19/06/2016 20:50:22] - |A| - [1351104] - C:\Windows\system32\nvvsvc.exe [MD5.64F78413399AE24CF48FE8E22B025A06] - [19/06/2016 21:19:49] - |A| - [19180152] - C:\Windows\system32\nvwgf2umx.dll [MD5.76CB184041C6D21838BC1DF903E3C155] - [22/06/2016 01:30:39] - |A| - [161792] - C:\Windows\system32\ocsetapi.dll [MD5.066DA0F1237E3AFD48792739EEEEC03D] - [22/06/2016 01:30:39] - |A| - [186368] - C:\Windows\system32\ocsetup.exe [MD5.7FF8E121AFA05BDAB23B9FEDCDAB7A33] - [22/06/2016 01:31:09] - |A| - [720896] - C:\Windows\system32\odbc32.dll [MD5.93BF245D8A1DB0BF1C8A3FFDFF3E2C83] - [22/06/2016 01:29:28] - |A| - [53248] - C:\Windows\system32\odbcconf.dll [MD5.93FBF8D840C2B496FD3833108AAB5825] - [22/06/2016 01:30:05] - |A| - [163840] - C:\Windows\system32\odbccp32.dll [MD5.D01AF6EE1C350D8B34BF2D780A229DEC] - [22/06/2016 01:30:05] - |A| - [212992] - C:\Windows\system32\odbctrac.dll [MD5.00000000000000000000000000000000] - [20/06/2016 04:54:09] - |D| - [159344] - C:\Windows\system32\oem [MD5.6C60B5ACA7442EFB794082CDACFC001C] - [22/06/2016 01:31:22] - |A| - [2086912] - C:\Windows\system32\ole32.dll [MD5.42F05F980F164E084DB65B2E8CD8430F] - [22/06/2016 01:31:08] - |A| - [861696] - C:\Windows\system32\oleaut32.dll [MD5.73FCB7919DEE80EE556F2E498594EBAE] - [22/06/2016 01:30:24] - |A| - [235520] - C:\Windows\system32\onex.dll [MD5.31ABDD039F63BABBED8C031F87E0F6DE] - [22/06/2016 01:29:28] - |A| - [1080320] - C:\Windows\system32\onexui.dll [MD5.C4E28504E92F7D34C830C9D767B9948D] - [22/06/2016 01:30:06] - |A| - [221696] - C:\Windows\system32\OnLineIDCpl.dll [MD5.FCF433BFE9F44C8FD2FAF1E8DED23D72] - [22/06/2016 01:30:06] - |A| - [898560] - C:\Windows\system32\OobeFldr.dll [MD5.03DC34242009D26061A4B1E91DF51C9B] - [22/06/2016 01:29:47] - |A| - [1911808] - C:\Windows\system32\OpcServices.dll [MD5.14FBACFCBDED3728E7F7AAA327E9AE4C] - [19/06/2016 20:50:17] - |A| - [112968] - C:\Windows\system32\OpenCL.dll [MD5.CF6850A72BEB4845A3BFFB3F5E8014B2] - [22/06/2016 01:30:07] - |A| - [300032] - C:\Windows\system32\pdh.dll [MD5.E6D09EBCDBB8FA5FF4A3448C57FFBFAC] - [20/06/2016 04:53:54] - |A| - [149110] - C:\Windows\system32\perfc00C.dat [MD5.DC8560036F238C904DC9FBCEA7796D54] - [22/06/2016 01:30:29] - |A| - [658432] - C:\Windows\system32\PerfCenterCPL.dll [MD5.07BA000B2E67565BDF112C35171865A5] - [20/06/2016 04:53:54] - |A| - [38160] - C:\Windows\system32\perfd00C.dat [MD5.3453E9A0C1E3D5BAFEC5065CDD786817] - [20/06/2016 04:53:54] - |A| - [746094] - C:\Windows\system32\perfh00C.dat [MD5.04F6C9757DB75FF27C427E5B31DDB289] - [20/06/2016 04:53:54] - |A| - [344522] - C:\Windows\system32\perfi00C.dat [MD5.3EB98CFF1C242167DF5FDBC6441CE3C5] - [22/06/2016 01:29:42] - |A| - [172544] - C:\Windows\system32\perfmon.exe [MD5.B0951D9AF84D9639CF81BC99BE4084C0] - [22/06/2016 01:30:40] - |A| - [477696] - C:\Windows\system32\PhotoScreensaver.scr [MD5.19A6EDD4236403AE9869D12BEDF2B11E] - [22/06/2016 01:30:42] - |A| - [409600] - C:\Windows\system32\photowiz.dll [MD5.3924400E5C14A561E3C7279B95523160] - [22/06/2016 01:29:06] - |A| - [35328] - C:\Windows\system32\pifmgr.dll [MD5.4E39FFB3BEB58A232429E44C60ED1264] - [22/06/2016 01:30:39] - |A| - [199168] - C:\Windows\system32\PkgMgr.exe [MD5.C7CF6A6E137463219E1259E3F0F0DD6C] - [22/06/2016 01:30:40] - |A| - [1389056] - C:\Windows\system32\pla.dll [MD5.10F815BE90A66AAFC6C713D1BD626064] - [22/06/2016 01:30:52] - |A| - [1808384] - C:\Windows\system32\pnidui.dll [MD5.F848764F21653CB94037945A76A59171] - [22/06/2016 01:29:29] - |A| - [62976] - C:\Windows\system32\PnPUnattend.exe [MD5.F28D6538F76DC6ECFABF6176DBDD2664] - [20/06/2016 23:23:53] - |A| - [142336] - C:\Windows\system32\poqexec.exe [MD5.E64D9EC8018C55873B40FDEE9DBEF5B3] - [22/06/2016 01:31:02] - |A| - [758272] - C:\Windows\system32\PortableDeviceApi.dll [MD5.8166A3DAFCB98790436F9B8B686C0608] - [22/06/2016 01:29:29] - |A| - [435712] - C:\Windows\system32\PortableDeviceStatus.dll [MD5.854D93A45BA56523FB73599BF0852604] - [22/06/2016 01:29:29] - |A| - [224256] - C:\Windows\system32\PortableDeviceSyncProvider.dll [MD5.AC2170D1DDEEA5CEDE106DA188F18138] - [22/06/2016 01:29:53] - |A| - [173568] - C:\Windows\system32\powercfg.cpl [MD5.55EDFADBEFB5B1C28DCE340DDCD2206E] - [22/06/2016 01:30:21] - |A| - [486400] - C:\Windows\system32\powercpl.dll [MD5.8A1846C0817513AD18BA48B4427771FC] - [22/06/2016 01:31:19] - |A| - [320352] - C:\Windows\system32\PresentationHost.exe [MD5.33E4AFE6DCBC638771AFD25D556D8E5D] - [22/06/2016 01:31:19] - |A| - [109928] - C:\Windows\system32\PresentationHostProxy.dll [MD5.A6F8D318F6041334889481B472000081] - [22/06/2016 01:29:53] - |A| - [176640] - C:\Windows\system32\PresentationSettings.exe [MD5.6B05D2C6A32F3D7CE89E4ECEF7C3B7A5] - [22/06/2016 01:29:28] - |A| - [31232] - C:\Windows\system32\prevhost.exe [MD5.C5AC93CF3BA30D367FB49148A2B673B9] - [22/06/2016 01:29:35] - |A| - [48128] - C:\Windows\system32\PrintIsolationProxy.dll [MD5.BA0F80C7878558C28B1B298E94D259FF] - [22/06/2016 01:30:40] - |A| - [1050624] - C:\Windows\system32\printui.dll [MD5.A1CDE92DDC170D307DB3C5BAA348811B] - [22/06/2016 01:30:42] - |A| - [183808] - C:\Windows\system32\prncache.dll [MD5.2D2A6EC8EAD30EC3ACE2FD6FB1B3E122] - [22/06/2016 01:30:07] - |A| - [416256] - C:\Windows\system32\prnfldr.dll [MD5.F5F9D892E8196C074C3A159569EEB886] - [22/06/2016 01:30:20] - |A| - [156160] - C:\Windows\system32\prntvpt.dll [MD5.F97883C70C964AF913C4D1BD37D38A57] - [22/06/2016 01:29:28] - |A| - [33792] - C:\Windows\system32\profprov.dll [MD5.5C78838B4D166D1A27DB3A8A820C799A] - [22/06/2016 01:30:40] - |A| - [209920] - C:\Windows\system32\profsvc.dll [MD5.F06BB4E336EA57511FDBAFAFCC47DE62] - [22/06/2016 01:31:10] - |A| - [1212416] - C:\Windows\system32\propsys.dll [MD5.C6C83C0DF40E11FA1F06625E95E41DE7] - [22/06/2016 01:30:07] - |A| - [31744] - C:\Windows\system32\proquota.exe [MD5.ED9979382836AFCF5BACC66D5325D30A] - [19/06/2016 19:46:14] - |RA| - [553784] - C:\Windows\system32\PROUnstl.exe [MD5.908ACB1F594274965A53926B10C81E89] - [22/06/2016 01:30:09] - |A| - [187904] - C:\Windows\system32\provsvc.dll [MD5.92545BE920E55B1677786FB4C183B329] - [22/06/2016 01:30:06] - |A| - [108032] - C:\Windows\system32\psisrndr.ax [MD5.DE418798DA91AAA067A2EF41D8A7B886] - [22/06/2016 01:30:24] - |A| - [429568] - C:\Windows\system32\puiobj.dll [MD5.0C4DED0FF69B4EBCC487295C68EDB1AA] - [22/06/2016 01:31:10] - |A| - [55296] - C:\Windows\system32\PushPrinterConnections.exe [MD5.6B851E682A36453E1B1EE297FFB6E2AB] - [22/06/2016 01:30:55] - |A| - [266240] - C:\Windows\system32\QAGENT.DLL [MD5.582AC6D9873E31DFA28A4547270862DD] - [22/06/2016 01:31:10] - |A| - [476160] - C:\Windows\system32\QAGENTRT.DLL [MD5.17A39E50921D061FB792F565B0849363] - [22/06/2016 01:29:28] - |A| - [23040] - C:\Windows\system32\qappsrv.exe [MD5.605A399F42B09D6147DDAC2C7851BD36] - [22/06/2016 01:29:40] - |A| - [254464] - C:\Windows\system32\qasf.dll [MD5.EDEC311F8BC0C12117A6492C382BE4D7] - [22/06/2016 01:29:29] - |A| - [181248] - C:\Windows\system32\qcap.dll [MD5.FE536088C8A94F0E6AEDAE34342B056E] - [22/06/2016 01:29:29] - |A| - [79872] - C:\Windows\system32\QCLIPROV.DLL [MD5.E4A343322CF7F4463DF18DDF04109BF3] - [22/06/2016 01:29:29] - |A| - [250880] - C:\Windows\system32\qdv.dll [MD5.AFCEB74CD93E7B494BBA1CC026841C33] - [22/06/2016 01:30:06] - |A| - [366592] - C:\Windows\system32\qdvd.dll [MD5.194ABF8D943999276C9EE0B4922E45B4] - [22/06/2016 01:30:15] - |A| - [624128] - C:\Windows\system32\qedit.dll [MD5.1EA7969E3271CBC59E1730697DC74682] - [22/06/2016 01:31:11] - |A| - [849920] - C:\Windows\system32\qmgr.dll [MD5.FE043CC325B7095FEF9C8EE1567A662C] - [22/06/2016 01:29:28] - |A| - [26624] - C:\Windows\system32\qprocess.exe [MD5.DD853B7E91F22F842B8C8CB5096EE3B3] - [22/06/2016 01:30:40] - |A| - [223232] - C:\Windows\system32\QSHVHOST.DLL [MD5.EC5F6EE00337DB400229B69FB43F92C5] - [22/06/2016 01:29:29] - |A| - [124416] - C:\Windows\system32\QSVRMGMT.DLL [MD5.EEBF65C66183A22431818953D960EF8C] - [22/06/2016 01:30:59] - |A| - [1572352] - C:\Windows\system32\quartz.dll [MD5.FF2B106909EED48C536DA04742C0324A] - [22/06/2016 01:30:56] - |A| - [2055680] - C:\Windows\system32\Query.dll [MD5.3DBFBF22B2539FF7D1EB67DD2C5BB69D] - [22/06/2016 01:29:24] - |A| - [16384] - C:\Windows\system32\query.exe [MD5.B9F0A4020AA98B7A20287BF7FE99A1FD] - [22/06/2016 01:30:23] - |A| - [107520] - C:\Windows\system32\QUTIL.DLL [MD5.8882AD10853E45402CABD3BAF48A7EFC] - [19/06/2016 19:28:06] - |A| - [124176] - C:\Windows\system32\R4EEA64A.dll [MD5.0B5EF50E26CFD1E7BF01E32E053532B2] - [19/06/2016 19:28:06] - |A| - [434960] - C:\Windows\system32\R4EED64A.dll [MD5.01096663377134C41D618AF0E53A953E] - [19/06/2016 19:28:06] - |A| - [75024] - C:\Windows\system32\R4EEG64A.dll [MD5.D0EB28022A91A5C084E8A7DEBB08D8D2] - [19/06/2016 19:28:06] - |A| - [141584] - C:\Windows\system32\R4EEL64A.dll [MD5.03625A179B27362D3A90E3331AEBE95E] - [19/06/2016 19:28:06] - |A| - [7164176] - C:\Windows\system32\R4EEP64A.dll [MD5.B24450E38722F69F338533A36ECFFC29] - [22/06/2016 01:31:21] - |A| - [1556992] - C:\Windows\system32\RacEngn.dll [MD5.C236A8735A48B165A2A7724357DBE332] - [22/06/2016 01:29:01] - |A| - [105559] - C:\Windows\system32\RacRules.xml [MD5.6A84E68B538B8B04608BF2F0D426CE6F] - [22/06/2016 01:29:36] - |A| - [337920] - C:\Windows\system32\raschap.dll [MD5.EE867A0870FC9E4972BA9EAAD35651E2] - [22/06/2016 01:30:23] - |A| - [344064] - C:\Windows\system32\rasmans.dll [MD5.A717A35120DBAB5AB707AB40662AF9DD] - [22/06/2016 01:30:08] - |A| - [211456] - C:\Windows\system32\rasppp.dll [MD5.7373DE70D405FF08DC53336B83989138] - [22/06/2016 01:30:23] - |A| - [424448] - C:\Windows\system32\rastls.dll [MD5.6D4A4DE8DD646D5815904696F7F66388] - [19/06/2016 19:28:15] - |A| - [946392] - C:\Windows\system32\RCoInstII64.dll [MD5.22D134EFFA8690EB164A729D33DC9EA5] - [19/06/2016 19:28:09] - |A| - [55506944] - C:\Windows\system32\RCoRes64.dat [MD5.EF00EAD1A0C4978C685BEB83FF1C9EF6] - [22/06/2016 01:29:23] - |A| - [10240] - C:\Windows\system32\rdpcfgex.dll [MD5.25D284EB2F12254C001AFE9A82575A81] - [22/06/2016 01:30:52] - |A| - [210944] - C:\Windows\system32\rdpclip.exe [MD5.12EF9606585C3451BACFE99A2AAD24C7] - [22/06/2016 01:30:39] - |A| - [1031680] - C:\Windows\system32\rdpcore.dll [MD5.EBA8C525E8427E9F75BF340F3C043690] - [22/06/2016 01:30:07] - |A| - [149504] - C:\Windows\system32\rdpcorekmts.dll [MD5.7BBB50EAFEFFF7A617C359CE163A070A] - [22/06/2016 01:31:28] - |A| - [1109504] - C:\Windows\system32\rdpcorets.dll [MD5.FA2F60F09DDF459CB4AA9DE8A83B65B3] - [22/06/2016 01:30:05] - |A| - [68096] - C:\Windows\system32\rdpd3d.dll [MD5.0BF4362E18DFC52382F418278DCC52C4] - [22/06/2016 01:31:14] - |A| - [274944] - C:\Windows\system32\rdpdd.dll [MD5.FF6148B1C150DA05D35C68D143AD6DEA] - [22/06/2016 01:29:28] - |A| - [147456] - C:\Windows\system32\RDPENCDD.dll [MD5.4FFB0D0E913D8A2767F6D8B7C0375208] - [22/06/2016 01:29:42] - |A| - [222208] - C:\Windows\system32\rdpencom.dll [MD5.F145002386400162C9F66DD29702976F] - [22/06/2016 01:30:51] - |A| - [167424] - C:\Windows\system32\rdpendp.dll [MD5.664E12E0EA009CC98C2B578FF4983C62] - [22/06/2016 01:30:41] - |A| - [178176] - C:\Windows\system32\rdpinit.exe [MD5.F890B16A75982537CDDDD1F5F8298337] - [22/06/2016 01:29:24] - |A| - [23040] - C:\Windows\system32\rdprefdrvapi.dll [MD5.A62DFCEA3A58BA8FCF32F831F018FE3F] - [22/06/2016 01:31:00] - |A| - [299520] - C:\Windows\system32\rdpshell.exe [MD5.0743AAC1E6A1D6D338B44A7B081E06B2] - [22/06/2016 01:30:19] - |A| - [66048] - C:\Windows\system32\rdpsign.exe [MD5.A2A8F4FA7DC5927276D31D4F1E099E69] - [22/06/2016 01:31:14] - |A| - [162816] - C:\Windows\system32\rdpudd.dll [MD5.5CB328C0A51B9DC8067581474E1E07C2] - [22/06/2016 01:30:06] - |A| - [77312] - C:\Windows\system32\rdpwsx.dll [MD5.53FDA4AF81E7C4895357A50E848B7CFE] - [22/06/2016 01:31:28] - |A| - [95744] - C:\Windows\system32\RDVGHelper.exe [MD5.8CE1C165396F2453012B3E23ADD9DF76] - [22/06/2016 01:30:05] - |A| - [313856] - C:\Windows\system32\ReAgent.dll [MD5.F3B306179F1840C0813DC6771B018358] - [22/06/2016 01:30:06] - |A| - [238080] - C:\Windows\system32\recdisc.exe [MD5.2F6DA6A2C092BC61F0324E3C52935252] - [22/06/2016 01:30:06] - |A| - [146944] - C:\Windows\system32\recovery.dll [MD5.E377BBA01F34E4183C32E5BBD688CE83] - [22/06/2016 01:30:23] - |A| - [95232] - C:\Windows\system32\regapi.dll [MD5.97F5D9014617AB0025F9CC5DD9FF6FF2] - [22/06/2016 01:29:29] - |A| - [98816] - C:\Windows\system32\RegisterIEPKEYs.exe [MD5.1A0882C441AB2A685DAF076FF15F6482] - [22/06/2016 01:29:28] - |A| - [43008] - C:\Windows\system32\relog.exe [MD5.9498656CAE8A5047B9CD4C69075FF66B] - [22/06/2016 01:29:53] - |A| - [153088] - C:\Windows\system32\remotepg.dll [MD5.5A1976E146C82EE36611AD47DF626B1E] - [22/06/2016 01:29:28] - |A| - [51712] - C:\Windows\system32\repair-bde.exe [MD5.2A520FF878C453E6CA3F2E6F7CA6E7ED] - [22/06/2016 01:29:24] - |A| - [16896] - C:\Windows\system32\reset.exe [MD5.D45BE8BAED0B82F6BBC9D9421FA8FA1C] - [22/06/2016 01:29:45] - |A| - [241664] - C:\Windows\system32\Ribbons.scr [MD5.850BD2D2D9CB5894935C3B6333CAD6FD] - [22/06/2016 01:30:22] - |A| - [633344] - C:\Windows\system32\riched20.dll [MD5.3181F76ED237CC3D50D10CEA05AF8B60] - [22/06/2016 01:29:23] - |A| - [10752] - C:\Windows\system32\riched32.dll [MD5.C8AAF0D10B1BC3844E51BFC19F48004B] - [22/06/2016 01:31:23] - |A| - [359424] - C:\Windows\system32\RMActivate.exe [MD5.89F8615C9A46998F8808E3BD384FE3EE] - [22/06/2016 01:31:24] - |A| - [362496] - C:\Windows\system32\RMActivate_isv.exe [MD5.B5BCBC935B89B4BB38F0FC7378A52F65] - [22/06/2016 01:29:28] - |A| - [306688] - C:\Windows\system32\RMActivate_ssp.exe [MD5.A6DE0C14462B422D24FCB88AF4C3D67B] - [22/06/2016 01:29:28] - |A| - [305152] - C:\Windows\system32\RMActivate_ssp_isv.exe [MD5.0A551CCDEF9D6F99A008B5B075354650] - [22/06/2016 01:30:34] - |A| - [128000] - C:\Windows\system32\Robocopy.exe [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - [19/06/2016 19:28:15] - |A| - [310104] - C:\Windows\system32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - [19/06/2016 19:28:15] - |A| - [310104] - C:\Windows\system32\RP3DHT64.dll [MD5.F38FA28124B1F9A7676A08CE2980344C] - [22/06/2016 01:30:39] - |A| - [187904] - C:\Windows\system32\rpchttp.dll [MD5.0611473C1AD9E2D991CD9482068417F7] - [22/06/2016 01:31:22] - |A| - [1219584] - C:\Windows\system32\rpcrt4.dll [MD5.C2A8CB1275ECB85D246A9ECC02A728E3] - [22/06/2016 01:30:22] - |A| - [65536] - C:\Windows\system32\RpcRtRemote.dll [MD5.5C627D1B1138676C0A7AB2C2C190D123] - [22/06/2016 01:31:10] - |A| - [512000] - C:\Windows\system32\rpcss.dll [MD5.3DB5A1EACE7F3049ECC49FA64461E254] - [22/06/2016 01:30:05] - |A| - [296960] - C:\Windows\system32\rstrui.exe [MD5.14034C2BA3D17139EEC0CB1D4D213DA6] - [19/06/2016 19:28:17] - |A| - [1286872] - C:\Windows\system32\RTCOM64.dll [MD5.AB41DE46A8AF724A2F3AFA9196BADD6E] - [19/06/2016 19:28:17] - |A| - [624344] - C:\Windows\system32\RtDataProc64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - [19/06/2016 19:28:16] - |A| - [204120] - C:\Windows\system32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - [19/06/2016 19:28:16] - |A| - [78680] - C:\Windows\system32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - [19/06/2016 19:28:16] - |A| - [101208] - C:\Windows\system32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - [19/06/2016 19:28:16] - |A| - [375128] - C:\Windows\system32\RTEEP64A.dll [MD5.859A6A3DCA742EA7ECDB4165ACDE835B] - [19/06/2016 19:28:18] - |A| - [1024216] - C:\Windows\system32\RtkApi64.dll [MD5.F236C5EFCD257E5B7FA1513CA8864843] - [19/06/2016 19:28:17] - |A| - [2788056] - C:\Windows\system32\RtkAPO64.dll [MD5.0805289E121F3E3C458C970B08314EB2] - [19/06/2016 19:28:18] - |A| - [149608] - C:\Windows\system32\RtkCfg64.dll [MD5.8814A281406553A2640D6A04702C63BD] - [19/06/2016 19:28:18] - |A| - [14952] - C:\Windows\system32\RtkCoLDR64.dll [MD5.CA1D7D09854D305A64B100DC1400BA21] - [19/06/2016 19:28:19] - |A| - [331880] - C:\Windows\system32\RtlCPAPI64.dll [MD5.80B20B593B6E1A6739DCC02A6F9E7B01] - [19/06/2016 19:28:17] - |A| - [2825432] - C:\Windows\system32\RtPgEx64.dll [MD5.F0D94C5786977B4C44A914683DEBAA9A] - [19/06/2016 19:28:16] - |A| - [1958616] - C:\Windows\system32\RTSnMg64.cpl [MD5.B53C4B69B695EDA1B7E41D35CA4244E2] - [22/06/2016 01:30:09] - |A| - [52224] - C:\Windows\system32\rtutils.dll [MD5.025E7DBDB98866ED3CB2D4DDA70B364D] - [22/06/2016 01:29:39] - |A| - [56832] - C:\Windows\system32\runonce.exe [MD5.C59DC915FFC4E1BCEA09A2F9D1E0799D] - [22/06/2016 01:29:28] - |A| - [21504] - C:\Windows\system32\rwinsta.exe [MD5.FC51229C7D4AFA0D6F186133728B95AB] - [22/06/2016 01:30:23] - |A| - [67584] - C:\Windows\system32\samcli.dll [MD5.A744BA6E04C8AA4592818178DBF89521] - [22/06/2016 01:30:54] - |A| - [758784] - C:\Windows\system32\samsrv.dll [MD5.7A59CC95C9AA105184C607AC4CDE0D3E] - [22/06/2016 01:30:52] - |A| - [1118208] - C:\Windows\system32\sbe.dll [MD5.F62B62E3CAAB44E6C6056955954AE86F] - [22/06/2016 01:30:40] - |A| - [303616] - C:\Windows\system32\scansetting.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - [22/06/2016 01:29:28] - |A| - [10429] - C:\Windows\system32\ScavengeSpace.xml [MD5.F55F754866D79A11D5B36DA1A17E6737] - [22/06/2016 01:31:04] - |A| - [146944] - C:\Windows\system32\scavengeui.dll [MD5.ED78427259134C63ED69804D2132B86C] - [22/06/2016 01:30:25] - |A| - [232960] - C:\Windows\system32\scecli.dll [MD5.BBCDF350817BA86416C0F06B6981BE8D] - [22/06/2016 01:30:23] - |A| - [406016] - C:\Windows\system32\scesrv.dll [MD5.A199DE544BF5C61C134B22C7592226FC] - [22/06/2016 01:31:11] - |A| - [340992] - C:\Windows\system32\schannel.dll [MD5.C4BFE4B61086416B0529212F92BCE081] - [22/06/2016 01:29:28] - |A| - [24064] - C:\Windows\system32\schedcli.dll [MD5.262F6592C3299C005FD6BEC90FC4463A] - [22/06/2016 01:31:22] - |A| - [1110016] - C:\Windows\system32\schedsvc.dll [MD5.97E0EC3D6D99E8CC2B17EF2D3760E8FC] - [22/06/2016 01:30:42] - |A| - [285696] - C:\Windows\system32\schtasks.exe [MD5.5CBB682DF172AC4D818E2E49DA2B4A19] - [22/06/2016 01:30:24] - |A| - [568832] - C:\Windows\system32\scrptadm.dll [MD5.CDEBD55FFBDA3889AA2A8CE52B9DC097] - [22/06/2016 01:30:21] - |A| - [1264640] - C:\Windows\system32\sdclt.exe [MD5.E7B1B5D5A1D1E4C77AE995D725A1FEE5] - [22/06/2016 01:30:06] - |A| - [762368] - C:\Windows\system32\sdcpl.dll [MD5.11C405A2DCF38E098316FD904A4FB662] - [22/06/2016 01:30:23] - |A| - [1120768] - C:\Windows\system32\sdengin2.dll [MD5.6EA4234DC55346E0709560FE7C2C1972] - [22/06/2016 01:30:06] - |A| - [170496] - C:\Windows\system32\sdrsvc.dll [MD5.B0F69B9DE0AEBFD7E4CEADE6758DF627] - [22/06/2016 01:31:13] - |A| - [867840] - C:\Windows\system32\SearchFolder.dll [MD5.BC617A4E1B4FA8DF523A061739A0BD87] - [22/06/2016 01:29:45] - |A| - [30720] - C:\Windows\system32\seclogon.dll [MD5.DB7E9251C0EE697FCFAE2406097BF611] - [22/06/2016 01:31:23] - |A| - [488448] - C:\Windows\system32\secproc.dll [MD5.1C27130219A604124E9E19C26B2E31EB] - [22/06/2016 01:31:25] - |A| - [485888] - C:\Windows\system32\secproc_isv.dll [MD5.A9CD8CA91A60D6CF28719008C553BC08] - [22/06/2016 01:29:29] - |A| - [121856] - C:\Windows\system32\secproc_ssp.dll [MD5.BCC2CE468E24159FFEF2134D6566D117] - [22/06/2016 01:29:29] - |A| - [121856] - C:\Windows\system32\secproc_ssp_isv.dll [MD5.858DF0795CB5B4BACE0F33708925A414] - [22/06/2016 01:30:05] - |A| - [28160] - C:\Windows\system32\secur32.dll [MD5.B3F03B594E7A6353273D43F6E7EA1D25] - [22/06/2016 01:30:21] - |A| - [2250752] - C:\Windows\system32\SensorsCpl.dll [MD5.0B6231BF38174A1628C4AC812CC75804] - [22/06/2016 01:30:50] - |A| - [121856] - C:\Windows\system32\SessEnv.dll [MD5.AEBA315A5631B407A2E9C6E1BD711A9D] - [22/06/2016 01:29:29] - |A| - [63488] - C:\Windows\system32\setbcdlocale.dll [MD5.3BCB70DA9B5A2011E01E35ED29A3F3F3] - [22/06/2016 01:30:05] - |A| - [279040] - C:\Windows\system32\sethc.exe [MD5.5D8E6C95156ED1F79A63D1EADE6F9ED5] - [22/06/2016 01:31:10] - |A| - [1900544] - C:\Windows\system32\setupapi.dll [MD5.8C3D0C73A0850A0EE62DF9EC36DBDE80] - [19/06/2016 19:46:15] - |N| - [1904] - C:\Windows\system32\SetupBD.din [MD5.C6B0B5AA20C8E51234A039472ABA75B2] - [22/06/2016 01:30:23] - |A| - [88576] - C:\Windows\system32\setupcl.exe [MD5.17ABCAD44A75C635583A238ED6333357] - [19/06/2016 19:28:19] - |A| - [78688] - C:\Windows\system32\SFAPO64.dll [MD5.2C25AF115BDDC05D9A84D26227A08E63] - [19/06/2016 19:28:19] - |A| - [81248] - C:\Windows\system32\SFCOM64.dll [MD5.7B3E9344FB43D799C6462227A0E65877] - [19/06/2016 19:28:19] - |A| - [221024] - C:\Windows\system32\SFNHK64.dll [MD5.B4D7A07098508A3BCC3C57612F890F98] - [19/06/2016 19:28:20] - |A| - [947760] - C:\Windows\system32\SFSS_APO.dll [MD5.4E9C2DB10F7E6AE91BF761139D4B745B] - [22/06/2016 01:29:29] - |A| - [135168] - C:\Windows\system32\shacct.dll [MD5.C92170F5FFAB62A94D5435AD5259F30A] - [22/06/2016 01:29:28] - |A| - [21504] - C:\Windows\system32\shadow.exe [MD5.B4296172C4766788BA1D087941372E54] - [22/06/2016 01:30:21] - |A| - [357888] - C:\Windows\system32\sharemediacpl.dll [MD5.C4F40F6CACD796A8E16671D0E9A2F319] - [22/06/2016 01:30:07] - |A| - [196608] - C:\Windows\system32\shdocvw.dll [MD5.26E716ED95DC48CF6E5AC046089366AF] - [22/06/2016 01:31:27] - |A| - [14174208] - C:\Windows\system32\shell32.dll [MD5.F1D89890A434B46242DFB73EB2DAEE5A] - [22/06/2016 01:29:23] - |A| - [28160] - C:\Windows\system32\shgina.dll [MD5.00EED37FFA36C9FCF8370160596B891E] - [22/06/2016 01:29:29] - |A| - [37376] - C:\Windows\system32\shimgvw.dll [MD5.EAF32CB8C1F810E4715B4DFBE785C7FF] - [22/06/2016 01:31:01] - |A| - [448512] - C:\Windows\system32\shlwapi.dll [MD5.431DC374BB338D99400B24FAC576D7D1] - [22/06/2016 01:30:21] - |A| - [130048] - C:\Windows\system32\shsetup.dll [MD5.AAF932B4011D14052955D4B212A4DA8D] - [22/06/2016 01:30:41] - |A| - [370688] - C:\Windows\system32\shsvcs.dll [MD5.33CFB33A0BBEA072A8BEE03618D9EC38] - [22/06/2016 01:29:22] - |A| - [11264] - C:\Windows\system32\shunimpl.dll [MD5.4A6305A5386DA8293E218F60B0BA12FA] - [22/06/2016 01:30:06] - |A| - [451072] - C:\Windows\system32\shwebsvc.dll [MD5.67B6B783979C8CF96DCCC2813CB21C10] - [22/06/2016 01:30:06] - |A| - [24064] - C:\Windows\system32\sisbkup.dll [MD5.DDD40BFA6C2C1BC92C944A9CA204D41C] - [19/06/2016 19:28:23] - |A| - [899320] - C:\Windows\system32\sl3apo64.dll [MD5.930D5291EC96FC99E22407A074C13FF3] - [19/06/2016 19:28:24] - |A| - [1045752] - C:\Windows\system32\slcnt64.dll [MD5.D1FC86937CCC7E9F896DA7A896881C55] - [19/06/2016 19:28:24] - |A| - [245496] - C:\Windows\system32\slprp64.dll [MD5.5F3FEA9F445A7FF2CECDBC2CDBF39C93] - [19/06/2016 19:28:24] - |A| - [724728] - C:\Windows\system32\sltech64.dll [MD5.C5CE5CE799387E82B7698A0EE5544A6D] - [22/06/2016 01:30:07] - |A| - [349696] - C:\Windows\system32\slui.exe [MD5.B6D6886149573278CBA6ABD44C4317F5] - [22/06/2016 01:30:00] - |A| - [15360] - C:\Windows\system32\slwga.dll [MD5.CA2985996BB49924B677113DF95CFEA7] - [22/06/2016 01:30:05] - |A| - [189952] - C:\Windows\system32\SmartcardCredentialProvider.dll [MD5.4BE691DE828BFC1CB1EBBC767586D73A] - [22/06/2016 01:30:19] - |A| - [933376] - C:\Windows\system32\SmiEngine.dll [MD5.C3489639EC8E181044F6C6BFD3D01AC9] - [22/06/2016 01:30:23] - |A| - [273920] - C:\Windows\system32\SndVol.exe [MD5.D7F1EF374A90709B31591823B002F918] - [22/06/2016 01:30:08] - |A| - [225280] - C:\Windows\system32\SndVolSSO.dll [MD5.C5BC9544F0C5C6532EFA9508732244C2] - [22/06/2016 01:29:29] - |A| - [78848] - C:\Windows\system32\spbcd.dll [MD5.29C1D5B330B802EFA1A8357373BC97FE] - [22/06/2016 01:31:14] - |A| - [598016] - C:\Windows\system32\spinstall.exe [MD5.B96C17B5DC1424D56EEA3A99E97428CD] - [22/06/2016 01:30:49] - |A| - [559104] - C:\Windows\system32\spoolsv.exe [MD5.826E2C7B96B024A203D237E7AFB5A81C] - [22/06/2016 01:29:28] - |A| - [18944] - C:\Windows\system32\spopk.dll [MD5.B7AC66C1CCD87D7C49256B5451DED4FA] - [22/06/2016 01:30:40] - |A| - [244224] - C:\Windows\system32\spp.dll [MD5.DB76DB15EFC6E4D1153A6C5BC895948D] - [22/06/2016 01:29:28] - |A| - [145920] - C:\Windows\system32\sppc.dll [MD5.067FA52BFB59A56110A12312EF9AF243] - [22/06/2016 01:30:21] - |A| - [232448] - C:\Windows\system32\sppcomapi.dll [MD5.2A796B7E73673B960B1EA963A70DBC4F] - [22/06/2016 01:29:53] - |A| - [102400] - C:\Windows\system32\sppnp.dll [MD5.2B373B5F7E36B5ED5DA176D4400EF091] - [22/06/2016 01:30:41] - |A| - [1082880] - C:\Windows\system32\sppobjs.dll [MD5.E17E0188BB90FAE42D83E98707EFA59C] - [22/06/2016 01:30:08] - |A| - [3524608] - C:\Windows\system32\sppsvc.exe [MD5.F6F22291024906E43D135A4B1705FEAC] - [22/06/2016 01:30:39] - |A| - [418816] - C:\Windows\system32\sppwinob.dll [MD5.00000000000000000000000000000000] - [22/06/2016 03:01:58] - |D| - [1818112] - C:\Windows\system32\SPReview [MD5.704CD4CAC010E8E6D8DE9B778ED17773] - [22/06/2016 01:31:14] - |A| - [301568] - C:\Windows\system32\spreview.exe [MD5.CA4166E8424EA3E8053876B47603DBE6] - [22/06/2016 01:30:05] - |A| - [445952] - C:\Windows\system32\spwizeng.dll [MD5.10116D686A4DBA135E5C394E931E5D98] - [22/06/2016 01:29:06] - |A| - [7680] - C:\Windows\system32\spwizres.dll [MD5.364E7E33289341D4EB83CFA95D7B23AF] - [22/06/2016 01:31:21] - |A| - [263168] - C:\Windows\system32\spwizui.dll [MD5.BE5A0F4022E998E9319EA39598B427EA] - [22/06/2016 01:29:23] - |A| - [9728] - C:\Windows\system32\spwmp.dll [MD5.9C75CB8B98610F0CD85D99BB5876308B] - [22/06/2016 01:30:05] - |A| - [446976] - C:\Windows\system32\sqlcese30.dll [MD5.AAEF1B0563D6EDD324E834F64D0A0ED5] - [22/06/2016 01:30:45] - |A| - [933888] - C:\Windows\system32\sqlsrv32.dll [MD5.27B9E163740A226B65E4B9E186117911] - [22/06/2016 01:31:11] - |A| - [244736] - C:\Windows\system32\sqmapi.dll [MD5.8569E35D00F45972E506502EEE622BA4] - [22/06/2016 01:30:23] - |A| - [340992] - C:\Windows\system32\srchadmin.dll [MD5.FC788F5AD10723BE69B2C2DE4522774E] - [22/06/2016 01:30:06] - |A| - [503296] - C:\Windows\system32\srcore.dll [MD5.A3D4197E5DC267D488C467133E8407DF] - [22/06/2016 01:29:53] - |A| - [270848] - C:\Windows\system32\srrstr.dll [MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - [19/06/2016 19:28:20] - |A| - [198896] - C:\Windows\system32\SRSHP64.dll [MD5.A028717B791416182959B325D5B40679] - [19/06/2016 19:28:20] - |A| - [211184] - C:\Windows\system32\SRSTSH64.dll [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - [19/06/2016 19:28:20] - |A| - [518896] - C:\Windows\system32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - [19/06/2016 19:28:20] - |A| - [155888] - C:\Windows\system32\SRSWOW64.dll [MD5.3A9C9BAF610B0DD4967086040B3B62A9] - [22/06/2016 01:29:59] - |A| - [128000] - C:\Windows\system32\srvcli.dll [MD5.D9F42719019740BAA6D1C6D536CBDAA6] - [22/06/2016 01:30:41] - |A| - [236032] - C:\Windows\system32\srvsvc.dll [MD5.FF80CAD87555E8E4D2CFD7B9058343F8] - [22/06/2016 01:29:28] - |A| - [13312] - C:\Windows\system32\sscore.dll [MD5.2A86E54B441AD41557F75DC5609B9793] - [22/06/2016 01:30:24] - |A| - [136192] - C:\Windows\system32\sspicli.dll [MD5.D8A79180614C14F87DA1038FFEB56F71] - [22/06/2016 01:30:06] - |A| - [29184] - C:\Windows\system32\sspisrv.dll [MD5.8DEDB880C3CB1B7024F2C8EE2F3E1151] - [22/06/2016 01:30:05] - |A| - [333824] - C:\Windows\system32\ssText3d.scr [MD5.C3761661C17C2248A9379A8FB89E3DE1] - [22/06/2016 01:30:41] - |A| - [257024] - C:\Windows\system32\stobject.dll [MD5.4E81439902079C348B61D7FF027FE147] - [22/06/2016 01:30:23] - |A| - [483840] - C:\Windows\system32\StructuredQuery.dll [MD5.EC84D7DCAE6AE0FE87EE5D4F0D50DC55] - [22/06/2016 01:30:06] - |A| - [769536] - C:\Windows\system32\sud.dll [MD5.9CEAD32E79A62150FE9F8557E58E008B] - [22/06/2016 01:30:52] - |A| - [582656] - C:\Windows\system32\sxs.dll [MD5.101797BA603D227946B4B5109867EB19] - [22/06/2016 01:30:41] - |A| - [2262528] - C:\Windows\system32\SyncCenter.dll [MD5.A10B048B681C38E26CA90CD1BC123604] - [22/06/2016 01:30:06] - |A| - [200192] - C:\Windows\system32\syncui.dll [MD5.6A1B51F414E2F83ECC2B9AFA0121FEF6] - [22/06/2016 01:30:06] - |A| - [207360] - C:\Windows\system32\sysclass.dll [MD5.DAAF9C77603F77988D3B0E74400F5038] - [22/06/2016 01:30:06] - |A| - [352768] - C:\Windows\system32\sysdm.cpl [MD5.BF9CCC0BF39B418C8D0AE8B05CF95B7D] - [22/06/2016 01:31:28] - |A| - [1743360] - C:\Windows\system32\sysmain.dll [MD5.FF71E16F8F5672A77F4B8689AA50D38A] - [22/06/2016 01:30:05] - |A| - [474112] - C:\Windows\system32\sysmon.ocx [MD5.4B4CA7B9008C56E380BC0A97FE0F2B4D] - [22/06/2016 01:29:35] - |A| - [17408] - C:\Windows\system32\syssetup.dll [MD5.BB074F35B49EB2EA416962B596281E1E] - [22/06/2016 01:30:06] - |A| - [419840] - C:\Windows\system32\systemcpl.dll [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - [22/06/2016 01:31:19] - |A| - [347904] - C:\Windows\system32\systemsf.ebd [MD5.040B198DA82AC2C4DB22E088BBAFD10B] - [22/06/2016 01:30:34] - |A| - [148992] - C:\Windows\system32\t2embed.dll [MD5.98E7911BEFE83F76777317CE6905666D] - [22/06/2016 01:29:29] - |A| - [78848] - C:\Windows\system32\tabcal.exe [MD5.F731DB7489A0994F682D68A2B21AA5AE] - [22/06/2016 01:30:23] - |A| - [684032] - C:\Windows\system32\TabletPC.cpl [MD5.E3C61FD7B7C2557E1F1B0B4CEC713585] - [22/06/2016 01:30:23] - |A| - [92672] - C:\Windows\system32\TabSvc.dll [MD5.95F25E2D41AACCB8956F8E3C6740E377] - [19/06/2016 19:28:24] - |A| - [148416] - C:\Windows\system32\tadefxapo.dll [MD5.1A3586235C5DEF0C05F2F0C711E94376] - [19/06/2016 19:28:24] - |A| - [836544] - C:\Windows\system32\tadefxapo264.dll [MD5.53F4BCD594CC2A791E16246AED525B6D] - [22/06/2016 01:29:29] - |A| - [63488] - C:\Windows\system32\takeown.exe [MD5.40F0849F65D13EE87B9A9AE3C1DD6823] - [22/06/2016 01:30:22] - |A| - [316928] - C:\Windows\system32\tapisrv.dll [MD5.F0112F2DDAC14DFD4B3A69BB0164D005] - [22/06/2016 01:30:06] - |A| - [243712] - C:\Windows\system32\taskbarcpl.dll [MD5.6DC4A7242F565C9E9C9CCC7BB0FA75C7] - [22/06/2016 01:30:52] - |A| - [473600] - C:\Windows\system32\taskcomp.dll [MD5.65EA57712340C09B1B0C427B4848AE05] - [22/06/2016 01:31:09] - |A| - [464384] - C:\Windows\system32\taskeng.exe [MD5.517110BD83835338C037269E603DB55D] - [22/06/2016 01:30:23] - |A| - [69120] - C:\Windows\system32\taskhost.exe [MD5.09F7401D56F2393C6CA534FF0241A590] - [22/06/2016 01:30:07] - |A| - [257024] - C:\Windows\system32\taskmgr.exe [MD5.BAAFAF9CEAEC0B73C2A3550A01F6CECB] - [22/06/2016 01:31:21] - |A| - [1197056] - C:\Windows\system32\taskschd.dll [MD5.55DE45B116711881C852D2841E4C84DD] - [22/06/2016 01:30:40] - |A| - [253440] - C:\Windows\system32\tcpipcfg.dll [MD5.C082B23A77E89D5AA0329777FF34A0DE] - [19/06/2016 19:28:24] - |A| - [65944] - C:\Windows\system32\tepeqapo64.dll [MD5.2F794096269B32C1611B29341AD4A599] - [22/06/2016 01:30:05] - |A| - [421888] - C:\Windows\system32\termmgr.dll [MD5.2E648163254233755035B46DD7B89123] - [22/06/2016 01:31:11] - |A| - [680960] - C:\Windows\system32\termsrv.dll [MD5.CFA6B4D4A70D67C6387C29FA6FD703D0] - [22/06/2016 01:30:21] - |A| - [2193920] - C:\Windows\system32\themecpl.dll [MD5.2C647ABE9A424E55B5F3DAE4629B4277] - [22/06/2016 01:30:24] - |A| - [2851840] - C:\Windows\system32\themeui.dll [MD5.24F4B480F335A6C724AF352253C5D98B] - [22/06/2016 01:30:34] - |A| - [112640] - C:\Windows\system32\thumbcache.dll [MD5.1FCB1A72BF5C784F7358E6BEF38E4571] - [22/06/2016 01:30:23] - |A| - [515584] - C:\Windows\system32\timedate.cpl [MD5.1B4A711265FEA91259553D7B4E83394B] - [22/06/2016 01:29:40] - |A| - [73728] - C:\Windows\system32\tlscsp.dll [MD5.7380AE45CFA24369A7305520897142B8] - [19/06/2016 19:28:24] - |A| - [1361336] - C:\Windows\system32\tosade.dll [MD5.A58E46E776CFAD5DCBC8C2D9A920E7B4] - [19/06/2016 19:28:24] - |A| - [582056] - C:\Windows\system32\tosasfapo64.dll [MD5.3D30D3B2776C1A24F6498F569466E8D7] - [19/06/2016 19:28:24] - |A| - [162224] - C:\Windows\system32\toseaeapo64.dll [MD5.771536F10F1A419622787FB5D27A8E6B] - [19/06/2016 19:28:24] - |A| - [871856] - C:\Windows\system32\tossaeapo64.dll [MD5.6C597496AB646EB9F31C68241050F771] - [22/06/2016 01:31:26] - |A| - [2314752] - C:\Windows\system32\tquery.dll [MD5.ABC58A1A2C4D527A358EEF2142268FE5] - [22/06/2016 01:29:28] - |A| - [21504] - C:\Windows\system32\TRAPI.dll [MD5.CEED624D1291081B1B7D921FBB9C61D9] - [22/06/2016 01:29:45] - |A| - [14848] - C:\Windows\system32\tsbyuv.dll [MD5.4947AB26D8C3E402B153B3A5BB615495] - [22/06/2016 01:30:41] - |A| - [200192] - C:\Windows\system32\tscfgwmi.dll [MD5.2BA41198C6A0367B4FC61315E9E90020] - [22/06/2016 01:29:28] - |A| - [22528] - C:\Windows\system32\tscon.exe [MD5.40EDE82A2D7E5336B12693D89B4F4466] - [22/06/2016 01:29:28] - |A| - [22016] - C:\Windows\system32\tsdiscon.exe [MD5.3834D69D6D189AC08B52BD8DF8CB06A6] - [22/06/2016 01:30:05] - |A| - [44032] - C:\Windows\system32\tsgqec.dll [MD5.8DD050AFAC250837DF42514DEF72B2E2] - [22/06/2016 01:29:28] - |A| - [23552] - C:\Windows\system32\tskill.exe [MD5.D971173B54CA16810F138518A08F9566] - [22/06/2016 01:31:02] - |A| - [299520] - C:\Windows\system32\tsmf.dll [MD5.8A25506B6948EFBD5A7F37E53CCD36D9] - [22/06/2016 01:29:53] - |A| - [86016] - C:\Windows\system32\TSpkg.dll [MD5.D23B83944F4219FA7F89F4142D9CCEC5] - [22/06/2016 01:30:42] - |A| - [169984] - C:\Windows\system32\tspubwmi.dll [MD5.062E16AD57B5C4FDB3D1ADC1651C19BA] - [22/06/2016 01:31:28] - |A| - [133632] - C:\Windows\system32\tssrvlic.dll [MD5.CE776FE2FC6FDE12FC455412CE45162E] - [22/06/2016 01:30:22] - |A| - [40960] - C:\Windows\system32\TsUsbGDCoInstaller.dll [MD5.4E1073B674746EEA0B2EA0F4775EA6A4] - [22/06/2016 01:29:47] - |A| - [8192] - C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe [MD5.04D4A3C86479841A8D8740DB3E9AA43C] - [22/06/2016 01:31:35] - |A| - [12288] - C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll [MD5.03E012434BBE2B66D8C56B4A69461615] - [22/06/2016 01:31:11] - |A| - [750080] - C:\Windows\system32\TSWorkspace.dll [MD5.534D84434D9DB1D1E1E865F64E52AA8E] - [22/06/2016 01:30:06] - |A| - [172544] - C:\Windows\system32\twext.dll [MD5.A50E189FDB7E1018E9B2AEF101A236A7] - [22/06/2016 01:29:06] - |A| - [2048] - C:\Windows\system32\tzres.dll [MD5.29B19D564600319FD3746C48F888717C] - [22/06/2016 01:30:06] - |A| - [58368] - C:\Windows\system32\tzutil.exe [MD5.739BDC031DF0790FF8BB1AB244152C50] - [22/06/2016 01:31:20] - |A| - [3860992] - C:\Windows\system32\UIRibbon.dll [MD5.55E3404EBA301BC8A420157BFE7184D2] - [22/06/2016 01:29:28] - |A| - [1164800] - C:\Windows\system32\UIRibbonRes.dll [MD5.9FCA3A84338ADEF2AFF67CDA46EF8539] - [22/06/2016 01:29:40] - |A| - [59904] - C:\Windows\system32\umb.dll [MD5.B806E50427511BCF4AD8E8239C3E25FA] - [22/06/2016 01:31:00] - |A| - [404480] - C:\Windows\system32\umpnpmgr.dll [MD5.A293DCD756D04D8492A750D03B9A297C] - [22/06/2016 01:31:04] - |A| - [214528] - C:\Windows\system32\umrdp.dll [MD5.D2A0FFA75AB181B19B5EB93BB29C7686] - [22/06/2016 01:30:05] - |A| - [321536] - C:\Windows\system32\unimdm.tsp [MD5.2472BDF30C62F3E81AE27A968C25608C] - [22/06/2016 01:29:47] - |A| - [73216] - C:\Windows\system32\unimdmat.dll [MD5.B4CE0CAB186EBF4DF54BD34B4F0C0A06] - [22/06/2016 01:30:07] - |A| - [403968] - C:\Windows\system32\untfs.dll [MD5.96DB78C9C50CEED9DA5050EFFEE272A2] - [22/06/2016 01:30:39] - |A| - [264192] - C:\Windows\system32\upnp.dll [MD5.5FADA8B707318E1BD63A7E2B81E6C8CB] - [22/06/2016 01:31:21] - |A| - [1490944] - C:\Windows\system32\urlmon.dll [MD5.FE70103391A64039A921DBFFF9C7AB1B] - [22/06/2016 01:31:08] - |A| - [1008128] - C:\Windows\system32\user32.dll [MD5.EAFA08FDE52AF3C564D2D4D7B8BF66E3] - [22/06/2016 01:30:05] - |A| - [84480] - C:\Windows\system32\UserAccountControlSettings.dll [MD5.887EB84BB2EC3F4C1510C98E8C1ADFC0] - [22/06/2016 01:30:09] - |A| - [625664] - C:\Windows\system32\usercpl.dll [MD5.7A17485DC7D8A7AC81321A42CD034519] - [22/06/2016 01:30:42] - |A| - [109056] - C:\Windows\system32\userenv.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [22/06/2016 01:30:07] - |A| - [30720] - C:\Windows\system32\userinit.exe [MD5.2F8B1E3EE3545D3B5A8D56FA1AE07B65] - [22/06/2016 01:30:59] - |A| - [800256] - C:\Windows\system32\usp10.dll [MD5.713B611F6B796EECDA6F9970ACD9845B] - [22/06/2016 01:30:06] - |A| - [154624] - C:\Windows\system32\uxlib.dll [MD5.9EDB0A8337529D69F96DD1B2E70FA2F7] - [22/06/2016 01:30:23] - |A| - [691200] - C:\Windows\system32\VAN.dll [MD5.F8297797CC1993E25B8967D6032BFB31] - [22/06/2016 01:30:54] - |A| - [1098240] - C:\Windows\system32\Vault.dll [MD5.3DC58E2CA9A146A65F2066F2DC983898] - [22/06/2016 01:30:06] - |A| - [196096] - C:\Windows\system32\VBICodec.ax [MD5.0F8A86A636A774DBB63B3A8659723312] - [22/06/2016 01:29:28] - |A| - [43520] - C:\Windows\system32\vbisurf.ax [MD5.380C3F69472B96B5D35AF834855EE8BF] - [22/06/2016 01:31:04] - |A| - [612864] - C:\Windows\system32\vbscript.dll [MD5.8D6B481601D01A456E75C3210F1830BE] - [22/06/2016 01:30:40] - |A| - [533504] - C:\Windows\system32\vds.exe [MD5.AC3D7EE5F9EC2AB4BE0CDDE362D026A4] - [22/06/2016 01:29:35] - |A| - [190976] - C:\Windows\system32\vdsbas.dll [MD5.B6F9B45112E56992EF3EFA369FB7F047] - [22/06/2016 01:30:05] - |A| - [185856] - C:\Windows\system32\vdsutil.dll [MD5.1C8A7466E79B306C6D703FE8A6AC5612] - [22/06/2016 01:29:29] - |A| - [68096] - C:\Windows\system32\vfwwdm32.dll [MD5.7A20E304276A422F1FF0BBB640272DA0] - [22/06/2016 01:29:23] - |A| - [130048] - C:\Windows\system32\VmbusCoinstaller.dll [MD5.D1AAFE4B6515002332DF389326BB6A87] - [22/06/2016 01:29:23] - |A| - [15872] - C:\Windows\system32\vmbuspipe.dll [MD5.E48FCE3820487A9CDDD83BBABC6B962C] - [22/06/2016 01:29:28] - |A| - [44544] - C:\Windows\system32\vmbusres.dll [MD5.D5FED0C332BDF11698FBF8E59EA83434] - [22/06/2016 01:29:23] - |A| - [129024] - C:\Windows\system32\VmdCoinstall.dll [MD5.0FDEEF01CB054D8FE46682FB64EE99BB] - [22/06/2016 01:29:28] - |A| - [53760] - C:\Windows\system32\vmicres.dll [MD5.79E14B291CA96A02F1EB22BD721DECCD] - [22/06/2016 01:30:41] - |A| - [244224] - C:\Windows\system32\vmicsvc.exe [MD5.7961AAD46149CD5510DD405FA5DE1D3F] - [22/06/2016 01:29:29] - |A| - [51712] - C:\Windows\system32\vmictimeprovider.dll [MD5.D289D2E949609B696161039C3D86FFE9] - [22/06/2016 01:29:28] - |A| - [38400] - C:\Windows\system32\vmstorfltres.dll [MD5.0FE5CD5F9C9248F42D1EF56E495B182E] - [22/06/2016 01:30:42] - |A| - [263168] - C:\Windows\system32\vpnike.dll [MD5.77B5035BC6EDF4D1B6265391AECEE4C0] - [22/06/2016 01:30:21] - |A| - [38912] - C:\Windows\system32\vpnikeapi.dll [MD5.0E2F58F6E698EDCB9E58FAD0CBCD0567] - [22/06/2016 01:31:21] - |A| - [1753088] - C:\Windows\system32\vssapi.dll [MD5.B60BA0BC31B0CB414593E169F6F21CC2] - [22/06/2016 01:31:13] - |A| - [1600512] - C:\Windows\system32\VSSVC.exe [MD5.4D85B1B44DC19C0C46E6DDE35895FD0F] - [22/06/2016 01:29:29] - |A| - [61952] - C:\Windows\system32\vss_ps.dll [MD5.D70BEDB9436DBCA77D3E470C1BAB373E] - [19/06/2016 21:22:12] - |A| - [130848] - C:\Windows\system32\vulkan-1.dll [MD5.0597F21B1DCADAB5F28806671670CDE4] - [19/06/2016 21:22:12] - |A| - [45344] - C:\Windows\system32\vulkaninfo.exe [MD5.C1A8C1D804EFB14D344E958BC6AA572C] - [22/06/2016 01:29:29] - |A| - [61952] - C:\Windows\system32\WavDest.dll [MD5.4A3B1F516F2CD426CA0562DDABE3C6B9] - [22/06/2016 01:29:58] - |A| - [255488] - C:\Windows\system32\wavemsp.dll [MD5.D61708735E3A42A09DDA19E811F3A9A8] - [19/06/2016 19:28:20] - |A| - [2101848] - C:\Windows\system32\WavesGUILib64.dll [MD5.7DB5AA22A8A8E5C2D335F44853C1F6DE] - [22/06/2016 01:17:49] - |A| - [529408] - C:\Windows\system32\wbemcomn.dll [MD5.78F4E7F5C56CB9716238EB57DA4B6A75] - [22/06/2016 01:31:10] - |A| - [1504256] - C:\Windows\system32\wbengine.exe [MD5.7368A2AFD46E5A4481D1DE9D14848EDD] - [22/06/2016 01:30:39] - |A| - [367104] - C:\Windows\system32\wcncsvc.dll [MD5.6E26EE228F60D75C732D209688FB546C] - [22/06/2016 01:30:24] - |A| - [1363968] - C:\Windows\system32\wdc.dll [MD5.D10864C1730172780C2D4BE633B9220A] - [19/06/2016 19:38:42] - |A| - [1795952] - C:\Windows\system32\WdfCoInstaller01011.dll [MD5.51DFBD18A435BAEC1F71A692373ECE4F] - [19/06/2016 19:38:52] - |A| - [9728] - C:\Windows\system32\Wdfres.dll [MD5.E811F8510B133E70CF6E509FB809824F] - [22/06/2016 01:29:28] - |A| - [36352] - C:\Windows\system32\wdiasqmmodule.dll [MD5.1473768973453DE50DC738C2955FC4DD] - [22/06/2016 01:30:22] - |A| - [217088] - C:\Windows\system32\wdmaud.drv [MD5.47B8DEBEC68FACCD026F99CAE8698C93] - [22/06/2016 01:30:07] - |A| - [290304] - C:\Windows\system32\webcheck.dll [MD5.3DB6D04E1C64272F8B14EB8BC4616280] - [22/06/2016 01:30:52] - |A| - [258560] - C:\Windows\system32\WebClnt.dll [MD5.BC9489DF517C426D4044D99F14449134] - [22/06/2016 01:31:02] - |A| - [395776] - C:\Windows\system32\webio.dll [MD5.C55516D98DD5D8F0153C2A9B4227DA86] - [22/06/2016 01:30:51] - |A| - [1158656] - C:\Windows\system32\webservices.dll [MD5.F9959237F106F2B2609E61A290C0652E] - [22/06/2016 01:31:09] - |A| - [1281024] - C:\Windows\system32\werconcpl.dll [MD5.285DEA88F17836A6D5EE2C2116750982] - [22/06/2016 01:29:52] - |A| - [26112] - C:\Windows\system32\WerFaultSecure.exe [MD5.6011714C8C5C55CBFFAD24D61E879FBD] - [22/06/2016 01:31:21] - |A| - [1646080] - C:\Windows\system32\wevtsvc.dll [MD5.A943D670747778C7597987A4B5B9A679] - [22/06/2016 01:30:22] - |A| - [974336] - C:\Windows\system32\WFS.exe [MD5.F7E418D5BB71996347A8C431E6DC778C] - [22/06/2016 01:30:23] - |A| - [462336] - C:\Windows\system32\wiadefui.dll [MD5.8DD52E8E6128F4B2DA92CE27402871C1] - [22/06/2016 01:30:40] - |A| - [580096] - C:\Windows\system32\wiaservc.dll [MD5.BA94F132C66F2BD456854490C800C4F2] - [22/06/2016 01:29:35] - |A| - [124928] - C:\Windows\system32\wiavideo.dll [MD5.A89392A32BA98468710FD7E38318934B] - [22/06/2016 01:31:19] - |A| - [3126272] - C:\Windows\system32\win32k.sys [MD5.2AC11BE0F5D9A01433732AAB8BA21774] - [22/06/2016 01:30:54] - |A| - [751104] - C:\Windows\system32\win32spl.dll [MD5.6F3F29905F0EC4CE22C1FD8ACBF6C6DE] - [22/06/2016 01:29:42] - |A| - [294912] - C:\Windows\system32\WindowsAnytimeUpgradeResults.exe [MD5.26B73A85855681500BCC25C7CD9FF5B1] - [22/06/2016 01:30:52] - |A| - [1190400] - C:\Windows\system32\WindowsCodecs.dll [MD5.58F4493BF748A3A89689997B7BD00E95] - [22/06/2016 01:31:10] - |A| - [444416] - C:\Windows\system32\winhttp.dll [MD5.F6C5302E1F4813D552F41A0AC82455E5] - [22/06/2016 01:31:21] - |A| - [1188864] - C:\Windows\system32\wininet.dll [MD5.29B8F363D674A989852C5DAADD572F9F] - [22/06/2016 01:30:52] - |A| - [642944] - C:\Windows\system32\winload.efi [MD5.E2F68DC7FBD6E0BF031CA3809A739346] - [22/06/2016 01:30:54] - |A| - [605552] - C:\Windows\system32\winload.exe [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [22/06/2016 01:30:59] - |A| - [390656] - C:\Windows\system32\winlogon.exe [MD5.46C393535458BE01DBC22C5F24135611] - [22/06/2016 01:30:54] - |A| - [566208] - C:\Windows\system32\winresume.efi [MD5.0BA1DDE4AEC55DF894109D10E3F19481] - [22/06/2016 01:30:48] - |A| - [518672] - C:\Windows\system32\winresume.exe [MD5.86CC31F0A3D05C1DBD587552FF2DADFF] - [22/06/2016 01:31:14] - |A| - [3957760] - C:\Windows\system32\WinSAT.exe [MD5.021287C2050FD5DB4A8B084E2C38139C] - [22/06/2016 01:30:41] - |A| - [501248] - C:\Windows\system32\WinSATAPI.dll [MD5.7D5645EE0EA77D539828433D9B95F5EB] - [22/06/2016 01:29:53] - |A| - [217600] - C:\Windows\system32\WinSCard.dll [MD5.0015ACFBBDD164A8A730009908868CA7] - [22/06/2016 01:30:39] - |A| - [442368] - C:\Windows\system32\winspool.drv [MD5.E0406AEF04B088D1C49FC78D0546F689] - [22/06/2016 01:30:22] - |A| - [214016] - C:\Windows\system32\winsrv.dll [MD5.0D9764D58C5EFD672B7184854B152E5E] - [22/06/2016 01:30:48] - |A| - [235008] - C:\Windows\system32\winsta.dll [MD5.EB3F9C2DE1236B5D46B2291D82970E43] - [22/06/2016 01:30:42] - |A| - [220672] - C:\Windows\system32\wintrust.dll [MD5.02E20372D9D6D28E37BA9704EDC90B67] - [22/06/2016 01:30:39] - |A| - [405504] - C:\Windows\system32\wisptis.exe [MD5.3C91392D448F6E5D525A85B7550D8BA9] - [22/06/2016 01:29:53] - |A| - [71680] - C:\Windows\system32\wkscli.dll [MD5.90A914FE79249D6BD7F53EFF00FAECFD] - [22/06/2016 01:30:23] - |A| - [248832] - C:\Windows\system32\wksprt.exe [MD5.851A1382EED3E3A7476DB004F4EE3E1A] - [22/06/2016 01:30:21] - |A| - [118784] - C:\Windows\system32\wkssvc.dll [MD5.C4DF22EC976FF51A8A4057BE3C3D3F03] - [22/06/2016 01:30:23] - |A| - [475136] - C:\Windows\system32\wlangpui.dll [MD5.A648C4A06DE367065B24056D067B4460] - [22/06/2016 01:30:06] - |A| - [414720] - C:\Windows\system32\wlanmsm.dll [MD5.B86399C64A19EB45519466413FA5E361] - [22/06/2016 01:30:42] - |A| - [1441280] - C:\Windows\system32\wlanpref.dll [MD5.E62E6C6E0ECE74CD8345808F5A5F9F00] - [22/06/2016 01:30:20] - |A| - [414208] - C:\Windows\system32\wlanui.dll [MD5.4E4FFB09D895AA000DD56D1404F69A7E] - [22/06/2016 01:30:52] - |A| - [312832] - C:\Windows\system32\Wldap32.dll [MD5.E87D22236DFDF100715F142D4D258FB7] - [22/06/2016 01:29:35] - |A| - [1232896] - C:\Windows\system32\WMADMOD.DLL [MD5.423982DD851406A52B6399DDB196C606] - [22/06/2016 01:29:52] - |A| - [636416] - C:\Windows\system32\wmdrmdev.dll [MD5.765A0868EB29240873FB40E32F9C2053] - [22/06/2016 01:29:29] - |A| - [527872] - C:\Windows\system32\wmdrmnet.dll [MD5.3BDCBB29D727C49DC3E3256253467281] - [22/06/2016 01:29:59] - |A| - [781312] - C:\Windows\system32\wmdrmsdk.dll [MD5.9F4EA339FD6315CBDC4E543B2A222F45] - [22/06/2016 01:30:59] - |A| - [524288] - C:\Windows\system32\wmicmiplugin.dll [MD5.2383B9314592FEC47900BC5A6C7AEC83] - [22/06/2016 01:30:42] - |A| - [1243136] - C:\Windows\system32\WMNetMgr.dll [MD5.1EB82516F21F27EED1833B4F9FD9614E] - [22/06/2016 01:31:26] - |A| - [14633472] - C:\Windows\system32\wmp.dll [MD5.9EB716B82B5CB2E26524BC3A37FB7BA2] - [22/06/2016 01:29:53] - |A| - [358400] - C:\Windows\system32\wmpdxm.dll [MD5.612F1A6DA62A004128943A184123D184] - [22/06/2016 01:30:41] - |A| - [605696] - C:\Windows\system32\wmpeffects.dll [MD5.105B83027DD0C664242CFD74EE70C11D] - [22/06/2016 01:30:41] - |A| - [2072576] - C:\Windows\system32\WMPEncEn.dll [MD5.82E642B23F61A6863794E448C1EAAE34] - [22/06/2016 01:29:29] - |A| - [392192] - C:\Windows\system32\WMPhoto.dll [MD5.E19AD0D49BFF5938B3E374873AC174DE] - [22/06/2016 01:29:20] - |A| - [12625920] - C:\Windows\system32\wmploc.DLL [MD5.F149E8CAE538DBF7059B00326673F602] - [22/06/2016 01:30:41] - |A| - [1024512] - C:\Windows\system32\wmpmde.dll [MD5.355A138ABDFD43FBABCAE3A1B06AB93D] - [22/06/2016 01:30:58] - |A| - [481280] - C:\Windows\system32\wmpps.dll [MD5.56DAA6A090E528BD938B08616434717C] - [22/06/2016 01:29:42] - |A| - [132608] - C:\Windows\system32\wmpshell.dll [MD5.AE57DB2CCE48C85D0AD1EB38AE67EAA3] - [22/06/2016 01:30:09] - |A| - [223232] - C:\Windows\system32\wmpsrcwp.dll [MD5.BC631580FC99C75740DC1C6AF20B986B] - [22/06/2016 01:29:29] - |A| - [978944] - C:\Windows\system32\WMSPDMOD.DLL [MD5.9864D52F15AD32094A636C6B5281D9E7] - [22/06/2016 01:31:19] - |A| - [3027968] - C:\Windows\system32\WMVCORE.DLL [MD5.8206692C891DDDD7FD097422005E8BAE] - [22/06/2016 01:31:14] - |A| - [1888256] - C:\Windows\system32\WMVDECOD.DLL [MD5.994DF4AC984DC0EAB52EE51AF0E2B90C] - [22/06/2016 01:29:35] - |A| - [666112] - C:\Windows\system32\WMVSDECD.DLL [MD5.098EF40B77F88148349AAEBFE38E87C7] - [22/06/2016 01:30:24] - |A| - [243200] - C:\Windows\system32\wow64.dll [MD5.99F5AEDBA338CE63F047D86E07DA36F6] - [22/06/2016 01:29:23] - |A| - [13312] - C:\Windows\system32\wow64cpu.dll [MD5.C742077774E78A388F11EC943AD717FC] - [22/06/2016 01:29:23] - |A| - [361984] - C:\Windows\system32\wow64win.dll [MD5.01073F2BA36792C9BFD1BD622A6247B3] - [22/06/2016 01:30:09] - |A| - [812032] - C:\Windows\system32\wpccpl.dll [MD5.93221146D4EBBF314C29B23CD6CC391D] - [22/06/2016 01:30:39] - |A| - [117248] - C:\Windows\system32\wpdbusenum.dll [MD5.4715F8F8CDBFFF2728BA38B789A1D7C7] - [22/06/2016 01:30:56] - |A| - [2543616] - C:\Windows\system32\wpdshext.dll [MD5.C8FDF0FA9E97E2FAAF3F814716AAA881] - [22/06/2016 01:30:07] - |A| - [115200] - C:\Windows\system32\WPDShServiceObj.dll [MD5.F8E722E173C976353881024088794450] - [22/06/2016 01:29:29] - |A| - [431104] - C:\Windows\system32\WPDSp.dll [MD5.2236436F5522E6F9153569AD24C4F70F] - [22/06/2016 01:29:35] - |A| - [215040] - C:\Windows\system32\wpdwcn.dll [MD5.F41831D2A3D6E2152525EA3F75316ACD] - [22/06/2016 01:30:21] - |A| - [611840] - C:\Windows\system32\wpd_ci.dll [MD5.4BBFA57F594F7E8A8EDC8F377184C3F0] - [22/06/2016 01:30:59] - |A| - [297984] - C:\Windows\system32\ws2_32.dll [MD5.218A400108F280428FA22282D3268BBC] - [22/06/2016 01:30:23] - |A| - [63488] - C:\Windows\system32\wscapi.dll [MD5.F1B205F932F62F94506A5F332C895DAF] - [22/06/2016 01:31:06] - |A| - [577536] - C:\Windows\system32\WSDApi.dll [MD5.4C1244FEF74C60A4B1B151C76609CBE2] - [22/06/2016 01:29:23] - |A| - [26112] - C:\Windows\system32\wsdchngr.dll [MD5.748849C42DEA24C723048E24BCA1BD55] - [22/06/2016 01:29:24] - |A| - [47104] - C:\Windows\system32\wshbth.dll [MD5.11A087ED1D82FF01F74CEA03CF25E348] - [22/06/2016 01:29:23] - |A| - [13824] - C:\Windows\system32\wshirda.dll [MD5.BCB1310604AA415C4508708975B3931E] - [22/06/2016 01:31:19] - |A| - [2018304] - C:\Windows\system32\WsmSvc.dll [MD5.FFF9D00CF16397C64317F213484F94BD] - [22/06/2016 01:29:53] - |A| - [67072] - C:\Windows\system32\wsnmp32.dll [MD5.8FAFCA21FE9B20C420CE9D4DC50A7169] - [22/06/2016 01:29:52] - |A| - [293888] - C:\Windows\system32\wsqmcons.exe [MD5.BE306D6E345A5FD8A049726C6F9DE6F8] - [22/06/2016 01:30:09] - |A| - [98304] - C:\Windows\system32\WSTPager.ax [MD5.C47F35CC6FA4F1BDBEF8F87AC1A46537] - [19/06/2016 19:46:53] - |A| - [701976] - C:\Windows\system32\wuapi.dll [MD5.29FE783F75362AD6D2D9C0555BA83BD2] - [22/06/2016 23:38:43] - |A| - [36864] - C:\Windows\system32\wuapp.exe [MD5.EAD9E413A6CEB9FD8E2AD9DC0716C061] - [22/06/2016 23:39:51] - |A| - [58336] - C:\Windows\system32\wuauclt.exe [MD5.61FF576450CCC80564B850BC3FB6713A] - [22/06/2016 23:39:51] - |A| - [2477536] - C:\Windows\system32\wuaueng.dll [MD5.6335F8B4B89F002A3801473C1A799237] - [22/06/2016 23:39:51] - |A| - [2620928] - C:\Windows\system32\wucltux.dll [MD5.688649DB892D2D8C6BEDCBDDAFCBDEB3] - [22/06/2016 01:29:28] - |A| - [44544] - C:\Windows\system32\WUDFCoinstaller.dll [MD5.D0FF1CA89D013B94768A289023958F6B] - [22/06/2016 01:29:29] - |A| - [226816] - C:\Windows\system32\WUDFHost.exe [MD5.80E69670BDA10F32A941BA7358E33012] - [22/06/2016 01:29:47] - |A| - [182784] - C:\Windows\system32\WUDFPlatform.dll [MD5.7A95C95B6C4CF292D689106BCAE49543] - [22/06/2016 01:30:23] - |A| - [78848] - C:\Windows\system32\WUDFSvc.dll [MD5.1950B1C38AED4154BA79F77E36494D8A] - [22/06/2016 01:29:29] - |A| - [681472] - C:\Windows\system32\WUDFx.dll [MD5.4AA6AA52A16EED6481E83D73EED4C8D5] - [19/06/2016 19:46:53] - |A| - [99840] - C:\Windows\system32\wudriver.dll [MD5.E746ED90132C6B6313CE9179F56BD31D] - [19/06/2016 19:46:53] - |A| - [38424] - C:\Windows\system32\wups.dll [MD5.E76F105AD039B9E4DA9ECE839298C4A2] - [22/06/2016 23:39:52] - |A| - [44512] - C:\Windows\system32\wups2.dll [MD5.C15B3D813F4382ADE98F1892350F21C7] - [22/06/2016 01:30:40] - |A| - [307200] - C:\Windows\system32\wusa.exe [MD5.45D4BDEA136E72E75CF008D3C38D949A] - [22/06/2016 23:38:43] - |A| - [198600] - C:\Windows\system32\wuwebv.dll [MD5.5088595871D94EAD05CFD9351002B589] - [22/06/2016 01:29:52] - |A| - [594432] - C:\Windows\system32\wvc.dll [MD5.36F3D6CF6842573E5955D0B7CD2BF281] - [22/06/2016 01:30:20] - |A| - [222720] - C:\Windows\system32\wwanconn.dll [MD5.E8C9D8F4AA8D340894808CFB61A029EA] - [22/06/2016 01:30:05] - |A| - [48640] - C:\Windows\system32\wwanprotdim.dll [MD5.F77D5AB654881E683CFF6650916C424E] - [19/06/2016 23:11:52] - |A| - [16592] - C:\Windows\system32\x3daudio1_0.dll [MD5.489E5B8BB1BD1028FF1C798EAAEC65E4] - [19/06/2016 23:11:54] - |A| - [17688] - C:\Windows\system32\x3daudio1_1.dll [MD5.BC78D5328541410510DDE06B9FA92024] - [19/06/2016 23:11:59] - |A| - [21000] - C:\Windows\system32\X3DAudio1_2.dll [MD5.C4C2ED69B18EE1C60026877FCC470FA7] - [19/06/2016 23:12:01] - |A| - [28168] - C:\Windows\system32\X3DAudio1_3.dll [MD5.DE6004D16DBACD781ED4596C4FEA7D14] - [19/06/2016 23:12:02] - |A| - [28168] - C:\Windows\system32\X3DAudio1_4.dll [MD5.CFF1C1F7B9F855DDEE431D7B5DCACDF8] - [19/06/2016 23:12:07] - |A| - [25936] - C:\Windows\system32\X3DAudio1_5.dll [MD5.EEE871CC4F5563FF8B3C8385B32B0C5F] - [19/06/2016 23:12:11] - |A| - [24920] - C:\Windows\system32\X3DAudio1_6.dll [MD5.B4FF2A39685C1A6D43F0E56EB350AF3A] - [19/06/2016 23:12:17] - |A| - [24920] - C:\Windows\system32\X3DAudio1_7.dll [MD5.CE5753F9A27837259EB52F3F47F39593] - [19/06/2016 23:11:52] - |A| - [355536] - C:\Windows\system32\xactengine2_0.dll [MD5.0CC809422AB40974DFF8078392E4D507] - [19/06/2016 23:11:53] - |A| - [352464] - C:\Windows\system32\xactengine2_1.dll [MD5.E8932AF24786765859558CB79E385AC2] - [19/06/2016 23:12:01] - |A| - [411656] - C:\Windows\system32\xactengine2_10.dll [MD5.DC5A914C34EB12056531777D4DD0F44E] - [19/06/2016 23:11:54] - |A| - [354072] - C:\Windows\system32\xactengine2_2.dll [MD5.0396D2A98B0CCD4419B572EBF618E81E] - [19/06/2016 23:11:54] - |A| - [363288] - C:\Windows\system32\xactengine2_3.dll [MD5.58BB51253427A834A8807B9245CC5965] - [19/06/2016 23:11:54] - |A| - [364824] - C:\Windows\system32\xactengine2_4.dll [MD5.398FF46FF7354FED2F0F1AECDB546866] - [19/06/2016 23:11:55] - |A| - [390424] - C:\Windows\system32\xactengine2_5.dll [MD5.4837A54574A6105D404A8560984B93DD] - [19/06/2016 23:11:55] - |A| - [393576] - C:\Windows\system32\xactengine2_6.dll [MD5.8C970509E0AE10061E3ED6D51E34FEB9] - [19/06/2016 23:11:56] - |A| - [403304] - C:\Windows\system32\xactengine2_7.dll [MD5.FA485E76F94B7457767E372F47757733] - [19/06/2016 23:11:59] - |A| - [409960] - C:\Windows\system32\xactengine2_8.dll [MD5.A69C32C2BD01522A088D254342826866] - [19/06/2016 23:12:00] - |A| - [411496] - C:\Windows\system32\xactengine2_9.dll [MD5.A8B5370B7B61D3777D840DA1C64A1C2D] - [19/06/2016 23:12:01] - |A| - [177672] - C:\Windows\system32\xactengine3_0.dll [MD5.A2A098BF5A8C255A0090818AD8E87B0F] - [19/06/2016 23:12:02] - |A| - [177672] - C:\Windows\system32\xactengine3_1.dll [MD5.CC8399A9E51B2AF1C2C20A26D85EB60E] - [19/06/2016 23:12:03] - |A| - [177672] - C:\Windows\system32\xactengine3_2.dll [MD5.84B41FD03CAFC5048346B3B2AB92D199] - [19/06/2016 23:12:08] - |A| - [175440] - C:\Windows\system32\xactengine3_3.dll [MD5.1BA01062450BD1F052C54C01C12248F6] - [19/06/2016 23:12:11] - |A| - [174936] - C:\Windows\system32\xactengine3_4.dll [MD5.51D65BE2F794B944CADAF287B34EF603] - [19/06/2016 23:12:13] - |A| - [176968] - C:\Windows\system32\xactengine3_5.dll [MD5.936DCC640B2991905D909395E03B64F9] - [19/06/2016 23:12:17] - |A| - [176984] - C:\Windows\system32\xactengine3_6.dll [MD5.BDEC09A032DB44D9CDB3A0D97224D64E] - [19/06/2016 23:12:23] - |A| - [176984] - C:\Windows\system32\xactengine3_7.dll [MD5.0E92D8C0ECA74B6D0A55ABAD53226113] - [19/06/2016 23:12:02] - |A| - [68104] - C:\Windows\system32\XAPOFX1_0.dll [MD5.0F2DB378FBE2D124E4D3631B329688AE] - [19/06/2016 23:12:06] - |A| - [72200] - C:\Windows\system32\XAPOFX1_1.dll [MD5.2F8F9B707FED2405A787380230CC6FA9] - [19/06/2016 23:12:09] - |A| - [74576] - C:\Windows\system32\XAPOFX1_2.dll [MD5.37B348A79C4C9B8AB925B18FFD241E96] - [19/06/2016 23:12:12] - |A| - [73544] - C:\Windows\system32\XAPOFX1_3.dll [MD5.A9724EB3D6CC032D0C4ECAFF4AD8C17F] - [19/06/2016 23:12:18] - |A| - [78680] - C:\Windows\system32\XAPOFX1_4.dll [MD5.E9739AE8B2FA28DCD6F2EF5525DA8827] - [19/06/2016 23:12:23] - |A| - [77656] - C:\Windows\system32\XAPOFX1_5.dll [MD5.29AF48F6C894328A58DEFDC560A70CF3] - [19/06/2016 23:12:01] - |A| - [489480] - C:\Windows\system32\XAudio2_0.dll [MD5.E9C0F926D7C9082A805F4FEF81DEEB30] - [19/06/2016 23:12:02] - |A| - [511496] - C:\Windows\system32\XAudio2_1.dll [MD5.E335DF094836EE7030F1B9CE7429E884] - [19/06/2016 23:12:06] - |A| - [513544] - C:\Windows\system32\XAudio2_2.dll [MD5.758139A39AECC1B512576275A27C1177] - [19/06/2016 23:12:09] - |A| - [518480] - C:\Windows\system32\XAudio2_3.dll [MD5.B94F08069EFE2F8151DEF350E526E063] - [19/06/2016 23:12:12] - |A| - [521560] - C:\Windows\system32\XAudio2_4.dll [MD5.C291AEFD47A587FF5F509E2F96613F7D] - [19/06/2016 23:12:15] - |A| - [517960] - C:\Windows\system32\XAudio2_5.dll [MD5.05E88C8D8E652DFF03B469331F474CCE] - [19/06/2016 23:12:18] - |A| - [530776] - C:\Windows\system32\XAudio2_6.dll [MD5.4F7513FF4DE6303088DB28DCBCEF372C] - [19/06/2016 23:12:23] - |A| - [518488] - C:\Windows\system32\XAudio2_7.dll [MD5.6F9D3289D8B166E478AFFF9EFA92C42C] - [19/06/2016 23:11:54] - |A| - [83664] - C:\Windows\system32\xinput1_1.dll [MD5.06F15D3CB1AE0EAFA50F595B3FF8D9F5] - [19/06/2016 23:11:54] - |A| - [83736] - C:\Windows\system32\xinput1_2.dll [MD5.BFB3091B167550EC6E6454813D3DB244] - [19/06/2016 23:11:58] - |A| - [107368] - C:\Windows\system32\xinput1_3.dll [MD5.38004222971ECB9FA32408E17426069B] - [22/06/2016 01:31:11] - |A| - [470016] - C:\Windows\system32\XpsGdiConverter.dll [MD5.EFEB2023C5B494D04472996BF02B1B01] - [22/06/2016 01:31:27] - |A| - [1465344] - C:\Windows\system32\XpsPrint.dll [MD5.57528A746F7A1026B41FB8447F9591B5] - [22/06/2016 01:30:39] - |A| - [229888] - C:\Windows\system32\XpsRasterService.dll [MD5.3D840598CECAAE8470804918EE5A00B5] - [22/06/2016 01:31:23] - |A| - [3008000] - C:\Windows\system32\xpsservices.dll [MD5.DD067EAE0184EF9236966139AC98B4C8] - [19/06/2016 19:28:21] - |A| - [2157704] - C:\Windows\system32\YamahaAE.dll [MD5.BBAAE027C176402E221CADBFCAEB5407] - [22/06/2016 01:30:07] - |A| - [366080] - C:\Windows\system32\zipfldr.dll [MD5.A87D604AEA360176311474C87A63BB88] - [22/06/2016 01:30:42] - |A| - [229888] - C:\Windows\system32\Drivers\1394ohci.sys [MD5.D81D9E70B8A6DD14D42D7B4EFA65D5F2] - [22/06/2016 01:30:23] - |A| - [334208] - C:\Windows\system32\Drivers\acpi.sys [MD5.99F8E788246D495CE3794D7E7821D2CA] - [22/06/2016 01:29:23] - |A| - [12800] - C:\Windows\system32\Drivers\acpipmi.sys [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - [22/06/2016 01:31:11] - |A| - [499712] - C:\Windows\system32\Drivers\afd.sys [MD5.6EC6D772EAE38DC17C14AED9B178D24B] - [22/06/2016 01:30:58] - |A| - [107904] - C:\Windows\system32\Drivers\amdsata.sys [MD5.1142A21DB581A84EA5597B03A26EBAA0] - [22/06/2016 01:30:24] - |A| - [27008] - C:\Windows\system32\Drivers\amdxata.sys [MD5.89A69C3F2F319B43379399547526D952] - [22/06/2016 01:29:23] - |A| - [61440] - C:\Windows\system32\Drivers\appid.sys [MD5.1694434F5B9AB16772C7A8E2EF9134CA] - [20/06/2016 00:07:41] - |A| - [37656] - C:\Windows\system32\Drivers\aswHwid.sys [MD5.786E8BCDFF674068F3C950615FC2E71C] - [20/06/2016 00:11:52] - |A| - [37144] - C:\Windows\system32\Drivers\aswKbd.sys [MD5.33D0DD0471FDF449C81338863FC63978] - [20/06/2016 00:07:43] - |A| - [107792] - C:\Windows\system32\Drivers\aswMonFlt.sys [MD5.DF190688D993A3DB227BFB0BB40BD7D4] - [20/06/2016 00:07:39] - |A| - [103064] - C:\Windows\system32\Drivers\aswRdr2.sys [MD5.D873455DFA27680585AE238503917DF5] - [20/06/2016 00:07:43] - |A| - [74544] - C:\Windows\system32\Drivers\aswRvrt.sys [MD5.A371A06EC8F4830C263D3F5CA5A11B65] - [20/06/2016 00:07:36] - |A| - [1070904] - C:\Windows\system32\Drivers\aswSnx.sys [MD5.6B7F6CE19A16240EE9DE2C528897ED9C] - [20/06/2016 00:07:47] - |A| - [465792] - C:\Windows\system32\Drivers\aswSP.sys [MD5.3575F9226251DE48E065ED5C384A21EF] - [20/06/2016 00:07:52] - |A| - [166432] - C:\Windows\system32\Drivers\aswStm.sys [MD5.BA4CDCD8C0395E91C38CD2C5CE3E7FA2] - [20/06/2016 00:07:52] - |A| - [287528] - C:\Windows\system32\Drivers\aswVmm.sys [MD5.A34FE1E025E88798E746F484956C0720] - [22/06/2016 01:30:07] - |A| - [155520] - C:\Windows\system32\Drivers\ataport.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [22/06/2016 01:29:23] - |A| - [147456] - C:\Windows\system32\Drivers\cdrom.sys [MD5.7C1049B796EC0B4F969D898A041D1347] - [19/06/2016 20:42:56] - |RA| - [1943440] - C:\Windows\system32\Drivers\cfosspeed6.sys [MD5.ACFAD0B512226C7A83C7CB09FD55A9AD] - [22/06/2016 01:30:24] - |A| - [179072] - C:\Windows\system32\Drivers\Classpnp.sys [MD5.D5FEA92400F12412B3922087C09DA6A5] - [22/06/2016 01:31:00] - |A| - [459248] - C:\Windows\system32\Drivers\cng.sys [MD5.03EDB043586CCEBA243D689BDDA370A8] - [22/06/2016 01:29:23] - |A| - [38912] - C:\Windows\system32\Drivers\CompositeBus.sys [MD5.54DA3DFD29ED9F1619B6F53F3CE55E49] - [22/06/2016 01:30:58] - |A| - [514560] - C:\Windows\system32\Drivers\csc.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [22/06/2016 01:29:28] - |A| - [102400] - C:\Windows\system32\Drivers\dfsc.sys [MD5.B27A7B563F66EAD82B488EBAD5E4DD55] - [22/06/2016 01:30:22] - |A| - [27520] - C:\Windows\system32\Drivers\Diskdump.sys [MD5.E2CA2BC3B16BDA6E6F80F54C88486877] - [19/06/2016 20:35:11] - |A| - [283064] - C:\Windows\system32\Drivers\dtsoftbus01.sys [MD5.46989159059F99B1954B5EB53D696947] - [19/06/2016 19:28:26] - |R| - [1332] - C:\Windows\system32\Drivers\DTSU2P.DAT [MD5.F5BEE30450E18E6B83A5012C100616FD] - [22/06/2016 01:30:55] - |A| - [982912] - C:\Windows\system32\Drivers\dxgkrnl.sys [MD5.9CD68BDDF322535C02ADC8331013D13D] - [22/06/2016 01:29:47] - |A| - [258048] - C:\Windows\system32\Drivers\dxgmms1.sys [MD5.CC2DE631888782989B27B775B09F6FCD] - [19/06/2016 19:45:34] - |A| - [494864] - C:\Windows\system32\Drivers\e1d62x64.sys [MD5.DA6B67270FD9DB3697B20FCE94950741] - [22/06/2016 01:30:40] - |A| - [289664] - C:\Windows\system32\Drivers\fltMgr.sys [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:10] - |D| - [836608] - C:\Windows\system32\Drivers\fr-FR [MD5.1F7B25B858FA27015169FE95E54108ED] - [22/06/2016 01:30:27] - |A| - [223248] - C:\Windows\system32\Drivers\fvevol.sys [MD5.63B5129D7127E7757FCC9EA9D3763963] - [22/06/2016 01:30:06] - |A| - [288640] - C:\Windows\system32\Drivers\FWPKCLNT.SYS [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [22/06/2016 01:29:23] - |A| - [122368] - C:\Windows\system32\Drivers\hdaudbus.sys [MD5.975761C778E33CD22498059B91E7373A] - [22/06/2016 01:29:23] - |A| - [350208] - C:\Windows\system32\Drivers\HdAudio.sys [MD5.8B0E40E7E8BBF5ACF390465609D89FF1] - [22/06/2016 01:30:10] - |A| - [76800] - C:\Windows\system32\Drivers\hidclass.sys [MD5.9592090A7E2B61CD582B612B6DF70536] - [22/06/2016 01:29:23] - |A| - [30208] - C:\Windows\system32\Drivers\hidusb.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [22/06/2016 01:30:34] - |A| - [78720] - C:\Windows\system32\Drivers\HpSAMD.sys [MD5.0EA7DE1ACB728DD5A369FD742D6EEE28] - [22/06/2016 01:31:12] - |A| - [753664] - C:\Windows\system32\Drivers\http.sys [MD5.A5462BD6884960C9DC85ED49D34FF392] - [22/06/2016 01:30:06] - |A| - [14720] - C:\Windows\system32\Drivers\hwpolicy.sys [MD5.3DF4395A7CF8B7A72A5F4606366B8C2D] - [22/06/2016 01:30:22] - |A| - [410496] - C:\Windows\system32\Drivers\iaStorV.sys [MD5.DFDA21923BF4BE5B5686A41623E38B3E] - [19/06/2016 19:39:44] - |A| - [16344] - C:\Windows\system32\Drivers\IntelMEFWVer.dll [MD5.C9F0E1BD74365A8771590E9008D22AB6] - [22/06/2016 01:30:24] - |A| - [82944] - C:\Windows\system32\Drivers\ipfltdrv.sys [MD5.0FC1AEA580957AA8817B8F305D18CA3A] - [22/06/2016 01:29:23] - |A| - [78848] - C:\Windows\system32\Drivers\IPMIDrv.sys [MD5.78D369F8A81A341109FBA1DB64B4C512] - [19/06/2016 19:51:18] - |A| - [20464] - C:\Windows\system32\Drivers\iusb3hcs.sys [MD5.5B632ABA038CE2E2D5D2D1115C6B26D1] - [19/06/2016 19:51:09] - |A| - [368112] - C:\Windows\system32\Drivers\iusb3hub.sys [MD5.EA841584EF59528D11F20355770E427E] - [19/06/2016 19:51:10] - |A| - [786416] - C:\Windows\system32\Drivers\iusb3xhc.sys [MD5.0705EFF5B42A9DB58548EEC3B26BB484] - [22/06/2016 01:29:23] - |A| - [33280] - C:\Windows\system32\Drivers\kbdhid.sys [MD5.24FBF5CC5C04150073C315A7C83521EE] - [22/06/2016 01:30:22] - |A| - [243712] - C:\Windows\system32\Drivers\ks.sys [MD5.CCD53B5BD33CE0C889E830D839C8B66E] - [22/06/2016 01:30:29] - |A| - [95616] - C:\Windows\system32\Drivers\ksecdd.sys [MD5.9FF918A261752C12639E8AD4208D2C2F] - [22/06/2016 01:30:22] - |A| - [152960] - C:\Windows\system32\Drivers\ksecpkg.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [22/06/2016 01:47:16] - |A| - [27008] - C:\Windows\system32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [22/06/2016 01:47:17] - |A| - [140672] - C:\Windows\system32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [22/06/2016 01:47:27] - |A| - [192216] - C:\Windows\system32\Drivers\MBAMSwissArmy.sys [MD5.32E7A3D591D671A6DF2DB515A5CBE0FA] - [22/06/2016 01:30:07] - |A| - [94592] - C:\Windows\system32\Drivers\mountmgr.sys [MD5.A44B420D30BD56E145D6A2BC8768EC58] - [22/06/2016 01:30:06] - |A| - [155008] - C:\Windows\system32\Drivers\mpio.sys [MD5.DC722758B8261E1ABAFD31A3C0A66380] - [22/06/2016 01:30:39] - |A| - [140800] - C:\Windows\system32\Drivers\mrxdav.sys [MD5.FAF015B07E3A2874A790A39B7D2C579F] - [22/06/2016 01:30:40] - |A| - [158208] - C:\Windows\system32\Drivers\mrxsmb.sys [MD5.08E2345DF129082BCDFFDC1440F9C00D] - [22/06/2016 01:30:41] - |A| - [287744] - C:\Windows\system32\Drivers\mrxsmb10.sys [MD5.108D87409C5812EF47D81E22843E8C9D] - [22/06/2016 01:30:25] - |A| - [128000] - C:\Windows\system32\Drivers\mrxsmb20.sys [MD5.C25F0BAFA182CBCA2DD3C851C2E75796] - [22/06/2016 01:30:23] - |A| - [31104] - C:\Windows\system32\Drivers\msahci.sys [MD5.DB801A638D011B9633829EB6F663C900] - [22/06/2016 01:30:39] - |A| - [140672] - C:\Windows\system32\Drivers\msdsm.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/06/2016 19:39:07] - |AH| - [0] - C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf [MD5.933222B19FF3E7EA5F65517EA1F7D57E] - [19/06/2016 19:38:52] - |A| - [3] - C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/06/2016 19:51:23] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/06/2016 19:39:08] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf [MD5.D931D7309DEB2317035B07C9F9E6B0BD] - [22/06/2016 01:31:20] - |A| - [273792] - C:\Windows\system32\Drivers\msiscsi.sys [MD5.759A9EEB0FA9ED79DA1FB7D4EF78866D] - [22/06/2016 01:30:43] - |A| - [366976] - C:\Windows\system32\Drivers\msrpc.sys [MD5.452ACB7A9914398D9E18CCCFFCF92208] - [22/06/2016 01:47:16] - |A| - [64896] - C:\Windows\system32\Drivers\mwac.sys [MD5.79B47FD40D9A817E932F9D26FAC0A81C] - [22/06/2016 01:31:12] - |A| - [951680] - C:\Windows\system32\Drivers\ndis.sys [MD5.136185F9FB2CC61E573E676AA5402356] - [22/06/2016 01:29:29] - |A| - [56832] - C:\Windows\system32\Drivers\ndisuio.sys [MD5.53F7305169863F0A2BDDC49E116C2E11] - [22/06/2016 01:30:23] - |A| - [164352] - C:\Windows\system32\Drivers\ndiswan.sys [MD5.015C0D8E0E0421B4CFD48CFFE2825879] - [22/06/2016 01:30:05] - |A| - [57856] - C:\Windows\system32\Drivers\ndproxy.sys [MD5.09594D1089C523423B32A4229263F068] - [22/06/2016 01:31:04] - |A| - [261632] - C:\Windows\system32\Drivers\netbt.sys [MD5.C8E033EA95337FDCE489D1D0348B9A23] - [22/06/2016 01:31:04] - |A| - [376192] - C:\Windows\system32\Drivers\netio.sys [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - [22/06/2016 01:31:21] - |A| - [1659776] - C:\Windows\system32\Drivers\ntfs.sys [MD5.1F99AD85DC4F9E322CDE2363378CD374] - [19/06/2016 21:19:49] - |A| - [141256] - C:\Windows\system32\Drivers\nvhda64v.sys [MD5.F1AD55BE455B70D8348C08EC891BA263] - [19/06/2016 21:19:49] - |A| - [13460536] - C:\Windows\system32\Drivers\nvlddmkm.sys [MD5.5D9FD91F3D38DC9DA01E3CB5FA89CD48] - [22/06/2016 01:31:02] - |A| - [148352] - C:\Windows\system32\Drivers\nvraid.sys [MD5.F7CD50FE7139F07E77DA8AC8033D1832] - [22/06/2016 01:31:07] - |A| - [166272] - C:\Windows\system32\Drivers\nvstor.sys [MD5.F37FE6B15A987AEEC08EEF531F2FAED7] - [20/06/2016 01:20:34] - |A| - [56384] - C:\Windows\system32\Drivers\nvvad64v.sys [MD5.0557CF5A2556BD58E26384169D72438D] - [22/06/2016 01:29:28] - |A| - [131584] - C:\Windows\system32\Drivers\pacer.sys [MD5.871EADAC56B0A4C6512BBE32753CCF79] - [22/06/2016 01:30:23] - |A| - [75136] - C:\Windows\system32\Drivers\partmgr.sys [MD5.94575C0571D1462A0F70BDE6BD6EE6B3] - [22/06/2016 01:30:40] - |A| - [184704] - C:\Windows\system32\Drivers\pci.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [22/06/2016 01:30:39] - |A| - [129536] - C:\Windows\system32\Drivers\rasl2tp.sys [MD5.F92A2C41117A11A00BE01CA01A7FCDE9] - [22/06/2016 01:30:22] - |A| - [111104] - C:\Windows\system32\Drivers\raspptp.sys [MD5.77F665941019A1594D887A74F301FA2F] - [22/06/2016 01:30:42] - |A| - [309248] - C:\Windows\system32\Drivers\rdbss.sys [MD5.1B6163C503398B23FF8B939C67747683] - [22/06/2016 01:30:06] - |A| - [165888] - C:\Windows\system32\Drivers\rdpdr.sys [MD5.70CBA1A0C98600A2AA1863479B35CB90] - [22/06/2016 01:30:14] - |A| - [20992] - C:\Windows\system32\Drivers\rdpvideominiport.sys [MD5.15B66C206B5CB095BAB980553F38ED23] - [22/06/2016 01:30:57] - |A| - [210944] - C:\Windows\system32\Drivers\rdpwd.sys [MD5.34ED295FA0121C241BFEF24764FC4520] - [22/06/2016 01:30:08] - |A| - [213888] - C:\Windows\system32\Drivers\rdyboost.sys [MD5.CAF88D6573D21CD2AA27001DDBFDC74D] - [22/06/2016 01:29:32] - |A| - [146432] - C:\Windows\system32\Drivers\rmcast.sys [MD5.FF25183C362383CACACE80B40CBD8FDF] - [19/06/2016 19:28:15] - |A| - [749977] - C:\Windows\system32\Drivers\RTAIODAT.DAT [MD5.689F04285EF20E98B4F338AF7523A4C2] - [19/06/2016 19:28:16] - |A| - [3867992] - C:\Windows\system32\Drivers\RTKVHD64.sys [MD5.886CE666A9507E17475C7156B157D181] - [19/06/2016 19:28:23] - |A| - [5804772] - C:\Windows\system32\Drivers\rtvienna.dat [MD5.AC03AF3329579FFFB455AA2DAABBE22B] - [22/06/2016 01:30:22] - |A| - [103808] - C:\Windows\system32\Drivers\sbp2port.sys [MD5.253F38D0D7074C02FF8DEB9836C97D2B] - [22/06/2016 01:29:22] - |A| - [29696] - C:\Windows\system32\Drivers\scfilter.sys [MD5.1B1E264203D4EF9D3DA1987AD70355AB] - [22/06/2016 01:30:20] - |A| - [171392] - C:\Windows\system32\Drivers\scsiport.sys [MD5.DD85B78243A19B59F0637DCF284DA63C] - [22/06/2016 01:29:22] - |A| - [14336] - C:\Windows\system32\Drivers\sffp_sd.sys [MD5.2098B8556D1CEC2ACA9A29CD479E3692] - [22/06/2016 01:31:11] - |A| - [468992] - C:\Windows\system32\Drivers\srv.sys [MD5.D0F73A42040F21F92FD314B42AC5C9E7] - [22/06/2016 01:31:11] - |A| - [413184] - C:\Windows\system32\Drivers\srv2.sys [MD5.2BA8F3250828CCDB4204ECF2C6F40B6A] - [22/06/2016 01:30:59] - |A| - [167936] - C:\Windows\system32\Drivers\srvnet.sys [MD5.CCE3074CEE5F2FAF1E7468F224C409CC] - [22/06/2016 01:30:52] - |A| - [189824] - C:\Windows\system32\Drivers\storport.sys [MD5.D34E4943D5AC096C8EDEEBFD80D76E23] - [22/06/2016 01:30:07] - |A| - [34688] - C:\Windows\system32\Drivers\storvsc.sys [MD5.509383E505C973ED7534A06B3D19688D] - [22/06/2016 01:31:27] - |A| - [1924480] - C:\Windows\system32\Drivers\tcpip.sys [MD5.DF687E3D8836BFB04FCC0615BF15A519] - [22/06/2016 01:29:35] - |A| - [45056] - C:\Windows\system32\Drivers\tcpipreg.sys [MD5.6F020A220388ECA0AB6062DC27BD16B6] - [22/06/2016 01:29:28] - |A| - [26624] - C:\Windows\system32\Drivers\tdi.sys [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [22/06/2016 01:31:04] - |A| - [119296] - C:\Windows\system32\Drivers\tdx.sys [MD5.E0EF6C1399A9B1AAA0B28590411BED04] - [19/06/2016 19:38:42] - |A| - [99288] - C:\Windows\system32\Drivers\TeeDriverx64.sys [MD5.561E7E1F06895D78DE991E01DD0FB6E5] - [22/06/2016 01:30:23] - |A| - [63360] - C:\Windows\system32\Drivers\termdd.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [22/06/2016 01:36:20] - |A| - [28272] - C:\Windows\system32\Drivers\TrueSight.sys [MD5.CE18B2CDFC837C99E5FAE9CA6CBA5D30] - [22/06/2016 01:30:06] - |A| - [39424] - C:\Windows\system32\Drivers\tssecsrv.sys [MD5.D11C783E3EF9A3C52C0EBE83CC5000E9] - [22/06/2016 01:31:35] - |A| - [59392] - C:\Windows\system32\Drivers\TsUsbFlt.sys [MD5.3566A8DAAFA27AF944F5D705EAA64894] - [22/06/2016 01:29:28] - |A| - [125440] - C:\Windows\system32\Drivers\tunnel.sys [MD5.FF4232A1A64012BAA1FD97C7B67DF593] - [22/06/2016 01:30:41] - |A| - [328192] - C:\Windows\system32\Drivers\udfs.sys [MD5.DC54A574663A895C8763AF0FA1FF7561] - [22/06/2016 01:29:45] - |A| - [48640] - C:\Windows\system32\Drivers\umbus.sys [MD5.292A8E03B3FCE04E39B5BE9B14132030] - [22/06/2016 01:29:23] - |A| - [32896] - C:\Windows\system32\Drivers\USBCAMD2.sys [MD5.481DFF26B4DCA8F4CBAC1F7DCE1D6829] - [22/06/2016 01:29:28] - |A| - [98816] - C:\Windows\system32\Drivers\usbccgp.sys [MD5.74EE782B1D9C241EFE425565854C661C] - [22/06/2016 01:30:21] - |A| - [52224] - C:\Windows\system32\Drivers\usbehci.sys [MD5.DC96BD9CCB8403251BCF25047573558E] - [22/06/2016 01:30:06] - |A| - [343040] - C:\Windows\system32\Drivers\usbhub.sys [MD5.B6D64EE607637301FF8C33139B4950DE] - [22/06/2016 01:30:24] - |A| - [325120] - C:\Windows\system32\Drivers\usbport.sys [MD5.C3EC945DEC43C00E2AD4C98DDDD064C7] - [22/06/2016 01:29:23] - |A| - [31744] - C:\Windows\system32\Drivers\usbrpm.sys [MD5.D76510CFA0FC09023077F22C2F979D86] - [22/06/2016 01:30:23] - |A| - [91648] - C:\Windows\system32\Drivers\USBSTOR.SYS [MD5.2CE2DF28C83AEAF30084E1B1EB253CBB] - [22/06/2016 01:30:52] - |A| - [215936] - C:\Windows\system32\Drivers\vhdmp.sys [MD5.86EA3E79AE350FEA5331A1303054005F] - [22/06/2016 01:30:41] - |A| - [199552] - C:\Windows\system32\Drivers\vmbus.sys [MD5.7DE90B48F210D29649380545DB45A187] - [22/06/2016 01:29:06] - |A| - [21760] - C:\Windows\system32\Drivers\VMBusHID.sys [MD5.E60C0A09F997826C7627B244195AB581] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\system32\Drivers\vms3cap.sys [MD5.7785DC213270D2FC066538DAF94087E7] - [22/06/2016 01:30:05] - |A| - [46464] - C:\Windows\system32\Drivers\vmstorfl.sys [MD5.D2AAFD421940F640B407AEFAAEBD91B0] - [22/06/2016 01:30:39] - |A| - [71552] - C:\Windows\system32\Drivers\volmgr.sys [MD5.A255814907C89BE58B79EF2F189B843B] - [22/06/2016 01:30:20] - |A| - [363392] - C:\Windows\system32\Drivers\volmgrx.sys [MD5.DF8126BD41180351A093A3AD2FC8903B] - [19/06/2016 19:08:33] - |A| - [296320] - C:\Windows\system32\Drivers\volsnap.sys [MD5.356AFD78A6ED4457169241AC3965230C] - [22/06/2016 01:30:20] - |A| - [88576] - C:\Windows\system32\Drivers\wanarp.sys [MD5.442783E2CB0DA19873B7A63833FF4CB4] - [19/06/2016 19:38:52] - |A| - [785512] - C:\Windows\system32\Drivers\Wdf01000.sys [MD5.AEA0A67275CFBA0E463E00C6E9A1DDAE] - [19/06/2016 19:38:52] - |A| - [54376] - C:\Windows\system32\Drivers\WdfLdr.sys [MD5.B4A1002206F6810EABC027DBBCE3B737] - [22/06/2016 01:30:08] - |A| - [52096] - C:\Windows\system32\Drivers\winhv.sys [MD5.D3381DC54C34D79B22CEE0D65BA91B7C] - [22/06/2016 01:29:22] - |A| - [112128] - C:\Windows\system32\Drivers\WUDFPf.sys [MD5.CF8D590BE3373029D57AF80914190682] - [22/06/2016 01:29:23] - |A| - [172544] - C:\Windows\system32\Drivers\WUDFRd.sys [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:18] - |D| - [0] - C:\Windows\syswow64\040C [MD5.CF15E7B164E5824E731665E83CFCF536] - [22/06/2016 01:30:23] - |A| - [131584] - C:\Windows\syswow64\aaclient.dll [MD5.45C0DF404182850C21749AF7763C095F] - [22/06/2016 01:30:06] - |A| - [3727872] - C:\Windows\syswow64\accessibilitycpl.dll [MD5.B57053CD59114D36952461EE638D3784] - [22/06/2016 01:29:40] - |A| - [45568] - C:\Windows\syswow64\acppage.dll [MD5.9A39A2A5F443A756C568C6ED5748AFE4] - [22/06/2016 01:30:05] - |A| - [744448] - C:\Windows\syswow64\ActionCenter.dll [MD5.54DEFF61C4E6AF1581DA2F236154BA4C] - [22/06/2016 01:30:05] - |A| - [537600] - C:\Windows\syswow64\ActionCenterCPL.dll [MD5.521B748A7F9923302CA18B7E6AA2EEAE] - [22/06/2016 01:29:53] - |A| - [202752] - C:\Windows\syswow64\activeds.dll [MD5.D2958325C1AE1AE37A83334C6229E3BC] - [22/06/2016 01:30:12] - |A| - [309760] - C:\Windows\syswow64\actxprxy.dll [MD5.5862A867BB6228D427CB784F610662F7] - [22/06/2016 01:29:48] - |A| - [438272] - C:\Windows\syswow64\AdmTmpl.dll [MD5.3E709F7BFA217CD3B6FC338780465E20] - [22/06/2016 01:30:06] - |A| - [186880] - C:\Windows\syswow64\adsldp.dll [MD5.95E2376B3323F062EB562B8586D0F14A] - [22/06/2016 01:30:52] - |A| - [640512] - C:\Windows\syswow64\advapi32.dll [MD5.382BDDDE3438F9A65935ABC6B3F76D1B] - [22/06/2016 01:29:28] - |A| - [70656] - C:\Windows\syswow64\amstream.dll [MD5.863F793D15B4026B1A5FDECA873D4D84] - [22/06/2016 01:30:55] - |A| - [295936] - C:\Windows\syswow64\apphelp.dll [MD5.F68878CF6A7EA29EACEAD49A268FC447] - [22/06/2016 01:30:40] - |A| - [339968] - C:\Windows\syswow64\appmgr.dll [MD5.8EC00CCCBB3436D534FC8DA85FF943BF] - [22/06/2016 01:30:07] - |A| - [649216] - C:\Windows\syswow64\appwiz.cpl [MD5.8128B54EAA48F9C06B19A86C87752996] - [19/06/2016 20:16:04] - |RA| - [28672] - C:\Windows\syswow64\AsIO.dll [MD5.088CF5B6380FB9002F2A4246F812225D] - [22/06/2016 01:29:53] - |A| - [67584] - C:\Windows\syswow64\asycfilt.dll [MD5.965E1069169552890603E238340122B4] - [22/06/2016 01:30:08] - |A| - [294400] - C:\Windows\syswow64\atmfd.dll [MD5.426B3701F975B6C160F1C925A2E6CADF] - [22/06/2016 01:29:23] - |A| - [34304] - C:\Windows\syswow64\atmlib.dll [MD5.4634B0EE4098F0F2B972BDAC19A802E7] - [22/06/2016 01:29:43] - |A| - [243712] - C:\Windows\syswow64\audiodev.dll [MD5.C940F2F5C60B3727C5F18840735B229C] - [22/06/2016 01:30:21] - |A| - [195584] - C:\Windows\syswow64\AudioSes.dll [MD5.13A1F9A72F81509658F3E0B6AC2AD994] - [22/06/2016 01:31:13] - |A| - [5066752] - C:\Windows\syswow64\AuthFWSnapin.dll [MD5.CDD35C1CE1EBFE80C055691CDC8DF443] - [22/06/2016 01:30:48] - |A| - [1792000] - C:\Windows\syswow64\authui.dll [MD5.F88A52EB62019D6A62FDD9E08034DBD8] - [22/06/2016 01:30:21] - |A| - [668160] - C:\Windows\syswow64\autochk.exe [MD5.09D786401F6CA6AEB16B2811B169F944] - [22/06/2016 01:30:21] - |A| - [679424] - C:\Windows\syswow64\autoconv.exe [MD5.A475B7BB0CCCFD848AA26075E81D7888] - [22/06/2016 01:30:21] - |A| - [658944] - C:\Windows\syswow64\autofmt.exe [MD5.DFA05B91BA331F7407F5F50EEAA9E2B2] - [22/06/2016 01:30:04] - |A| - [146944] - C:\Windows\syswow64\autoplay.dll [MD5.FCA71F6230075CD687189AC29AB06945] - [22/06/2016 01:30:20] - |A| - [665600] - C:\Windows\syswow64\AuxiliaryDisplayCpl.dll [MD5.DCEABBA22E12CC44C2E7785C0EB9C6E3] - [22/06/2016 01:29:29] - |A| - [91648] - C:\Windows\syswow64\avifil32.dll [MD5.2F6C94BA73C976FAF939358D84E653E9] - [22/06/2016 01:30:40] - |A| - [762880] - C:\Windows\syswow64\azroles.dll [MD5.5BAC1C3853E2D1F3F65CBB578228A268] - [22/06/2016 01:30:06] - |A| - [314368] - C:\Windows\syswow64\azroleui.dll [MD5.CC0C2CF2EBD58234C45C5D0C046ABB79] - [22/06/2016 01:29:28] - |A| - [28160] - C:\Windows\syswow64\AzSqlExt.dll [MD5.B47CD1B9551DA3DE9166D6DD17E6FD82] - [22/06/2016 01:30:39] - |A| - [144768] - C:\Windows\syswow64\basecsp.dll [MD5.67C1B58706B47EEBA4E117AC197289E6] - [22/06/2016 01:30:06] - |A| - [740864] - C:\Windows\syswow64\batmeter.dll [MD5.0920B14AA67A8B04ACF48FFE7C6F0927] - [22/06/2016 01:29:29] - |A| - [186368] - C:\Windows\syswow64\bitsadmin.exe [MD5.0552A8684BF7566F744D5B19FF6AEC6B] - [22/06/2016 01:29:24] - |A| - [19456] - C:\Windows\syswow64\bitsperf.dll [MD5.EA2B00551F3E7B3D5F7FB730A55F8246] - [22/06/2016 01:29:53] - |A| - [743424] - C:\Windows\syswow64\blackbox.dll [MD5.45760EECC8B74B251171BE4F247F17CB] - [22/06/2016 01:29:28] - |A| - [41984] - C:\Windows\syswow64\browcli.dll [MD5.F977BE7B8C5462087374364EAFB3C15B] - [22/06/2016 01:29:23] - |A| - [10752] - C:\Windows\syswow64\browseui.dll [MD5.E3D5E244807AD655787FCD25477CC1BC] - [22/06/2016 01:30:05] - |A| - [692736] - C:\Windows\syswow64\bthprops.cpl [MD5.775C41C2F2EF3DD150A7444B95E631D0] - [22/06/2016 01:29:29] - |A| - [878592] - C:\Windows\syswow64\Bubbles.scr [MD5.7A6986DD659B96398A11AF5173892715] - [22/06/2016 01:29:28] - |A| - [73216] - C:\Windows\syswow64\cabinet.dll [MD5.41E215F560028DBAA897DEAEF8390A7A] - [22/06/2016 01:30:07] - |A| - [132608] - C:\Windows\syswow64\cabview.dll [MD5.60B7C0FEAD45F2066E5B805A91F4F0FC] - [22/06/2016 01:30:39] - |A| - [776192] - C:\Windows\syswow64\calc.exe [MD5.3FBBE458FB60D5F38EF5E19F53772088] - [22/06/2016 01:29:29] - |A| - [66560] - C:\Windows\syswow64\cca.dll [MD5.98C66B8010CD7B6865F308ABD87C8E86] - [22/06/2016 01:29:53] - |A| - [805376] - C:\Windows\syswow64\cdosys.dll [MD5.61B1ED5F429EFAC7E2036769870AB93E] - [22/06/2016 01:31:02] - |A| - [342016] - C:\Windows\syswow64\certcli.dll [MD5.29BC473072568C072EC8B176498DE996] - [22/06/2016 01:31:20] - |A| - [1334272] - C:\Windows\syswow64\CertEnroll.dll [MD5.34BEF0783E17E760BE6DBEFB888A94B8] - [22/06/2016 01:30:42] - |A| - [1555456] - C:\Windows\syswow64\certmgr.dll [MD5.44F5C1CF70AC8F7239F3B3667E58697A] - [22/06/2016 01:29:28] - |A| - [65024] - C:\Windows\syswow64\CertPolEng.dll [MD5.3FFAEA12666E565FF51BF2FCA674F543] - [22/06/2016 01:30:05] - |A| - [145920] - C:\Windows\syswow64\cfgmgr32.dll [MD5.AE9898D5600A232CD8AE3298692162E5] - [22/06/2016 01:29:42] - |A| - [230912] - C:\Windows\syswow64\clusapi.dll [MD5.AD7B9C14083B52BC532FBA5948342B98] - [22/06/2016 01:30:41] - |A| - [302592] - C:\Windows\syswow64\cmd.exe [MD5.00263CA2071DC9A6EE577EB356B0D1D9] - [22/06/2016 01:29:29] - |A| - [84992] - C:\Windows\syswow64\cmstp.exe [MD5.BDAC1AA64495D0F7E1FF810EBBF1F018] - [22/06/2016 01:30:24] - |A| - [530432] - C:\Windows\syswow64\comctl32.dll [MD5.D1DE1EAFDE97BE41CF6585027FF3E732] - [22/06/2016 01:30:42] - |A| - [485888] - C:\Windows\syswow64\comdlg32.dll [MD5.FF38E458637650CCF717A96E4C86DE1F] - [22/06/2016 01:31:10] - |A| - [641536] - C:\Windows\syswow64\CPFilters.dll [MD5.4E5FE39C1076D115EC8BFCFE14D75B80] - [22/06/2016 01:30:05] - |A| - [17408] - C:\Windows\syswow64\credssp.dll [MD5.108C2CFA5527458C096A699929ECBD80] - [22/06/2016 01:30:40] - |A| - [168960] - C:\Windows\syswow64\credui.dll [MD5.454E292861A4EF1D72F43F42BBAF6917] - [22/06/2016 01:31:09] - |A| - [1154048] - C:\Windows\syswow64\crypt32.dll [MD5.A585BEBF7D054BD9618EDA0922D5484A] - [22/06/2016 01:30:34] - |A| - [136192] - C:\Windows\syswow64\cryptsvc.dll [MD5.28CA821606669BB9215CE010767720FA] - [22/06/2016 01:30:06] - |A| - [1003520] - C:\Windows\syswow64\cryptui.dll [MD5.465BEA35F7ED4A4A57686DEA7EA10F47] - [22/06/2016 01:29:29] - |A| - [34816] - C:\Windows\syswow64\cscapi.dll [MD5.57A51217581614DE07F30E34D6BB4993] - [22/06/2016 01:29:23] - |A| - [23040] - C:\Windows\syswow64\cscdll.dll [MD5.CF4274CEEA9F7791FB7FC40A066BC2C7] - [22/06/2016 01:30:22] - |A| - [139264] - C:\Windows\syswow64\cscobj.dll [MD5.FDEF330575C8C8EAD815F58BB7A93ED3] - [19/06/2016 19:12:25] - |RA| - [53248] - C:\Windows\syswow64\CSVer.dll [MD5.035074DAEB2333A248FD9C6B88AD16CD] - [22/06/2016 01:29:23] - |A| - [11264] - C:\Windows\syswow64\C_ISCII.DLL [MD5.64CA3862D74EA610CD64DC6AD652DB5E] - [22/06/2016 01:31:24] - |A| - [739840] - C:\Windows\syswow64\d2d1.dll [MD5.F75BFDACAF4AD540444FFC31B49BDA99] - [22/06/2016 01:29:29] - |A| - [489984] - C:\Windows\syswow64\d3d10level9.dll [MD5.78B7A3BDA25C90DAA50D36A56A8D1351] - [22/06/2016 01:31:28] - |A| - [1171456] - C:\Windows\syswow64\d3d10warp.dll [MD5.9C36A3CA80F9B204C670336D344F5DF8] - [22/06/2016 01:30:42] - |A| - [219136] - C:\Windows\syswow64\d3d10_1core.dll [MD5.33D933951E1DD39BA9A973CA5651BC90] - [22/06/2016 01:30:52] - |A| - [522752] - C:\Windows\syswow64\d3d11.dll [MD5.6EF5F3F18413C367195F06E503AB86A6] - [22/06/2016 01:31:10] - |A| - [1828352] - C:\Windows\syswow64\d3d9.dll [MD5.FAE7E1D578C42A7C3D9D61A99D178BD5] - [19/06/2016 23:11:55] - |A| - [1123696] - C:\Windows\syswow64\D3DCompiler_33.dll [MD5.75F206C195BBACA6EF28565B1C0CD75C] - [19/06/2016 23:11:59] - |A| - [1124720] - C:\Windows\syswow64\D3DCompiler_34.dll [MD5.5B441670A4F5F8BCCE76741902B8AF56] - [19/06/2016 23:12:00] - |A| - [1358192] - C:\Windows\syswow64\D3DCompiler_35.dll [MD5.FB4299688A0D3A37687C015AC2B9922D] - [19/06/2016 23:12:00] - |A| - [1374232] - C:\Windows\syswow64\D3DCompiler_36.dll [MD5.EA752DBCE35045D3C830DC16578CC8AB] - [19/06/2016 23:12:01] - |A| - [1420824] - C:\Windows\syswow64\D3DCompiler_37.dll [MD5.103CBFC5591008AD33046E20E8E1EEBE] - [19/06/2016 23:12:02] - |A| - [1491992] - C:\Windows\syswow64\D3DCompiler_38.dll [MD5.C4F1972497FE2CEB7D900938C97FCF91] - [19/06/2016 23:12:03] - |A| - [1493528] - C:\Windows\syswow64\D3DCompiler_39.dll [MD5.3384134EEB8F223178C2EB8323003EC0] - [19/06/2016 23:12:11] - |A| - [2036576] - C:\Windows\syswow64\D3DCompiler_40.dll [MD5.781E8B5B6FDB3C9B4E4A4A9FB019960D] - [19/06/2016 23:12:12] - |A| - [1846632] - C:\Windows\syswow64\D3DCompiler_41.dll [MD5.B33B21DB610116262D906305CE65C354] - [19/06/2016 23:12:13] - |A| - [1974616] - C:\Windows\syswow64\D3DCompiler_42.dll [MD5.1C9B45E87528B8BB8CFA884EA0099A85] - [19/06/2016 23:12:23] - |A| - [2106216] - C:\Windows\syswow64\D3DCompiler_43.dll [MD5.B337306DFB508A1BCEF1974BFBB8D924] - [19/06/2016 23:12:13] - |A| - [5501792] - C:\Windows\syswow64\d3dcsx_42.dll [MD5.83EBA442F07AAB8D6375D2EEC945C46C] - [19/06/2016 23:12:23] - |A| - [1868128] - C:\Windows\syswow64\d3dcsx_43.dll [MD5.6F34F7405807DCBF0B9BF6811C94C6D9] - [19/06/2016 23:11:55] - |A| - [440080] - C:\Windows\syswow64\d3dx10.dll [MD5.37A8171ACCF46A9C196054066C28827F] - [19/06/2016 23:11:55] - |A| - [443752] - C:\Windows\syswow64\d3dx10_33.dll [MD5.5AA9987F2E62B56D7661B6901901F927] - [19/06/2016 23:11:59] - |A| - [443752] - C:\Windows\syswow64\d3dx10_34.dll [MD5.F3764552E45880DC49B82F38699AA87C] - [19/06/2016 23:12:00] - |A| - [444776] - C:\Windows\syswow64\d3dx10_35.dll [MD5.D9158E78A368B08D9133043EB3058C12] - [19/06/2016 23:12:00] - |A| - [444776] - C:\Windows\syswow64\d3dx10_36.dll [MD5.4A43E9A2B17E4CAFA9CB5FEC0B5B686B] - [19/06/2016 23:12:01] - |A| - [462864] - C:\Windows\syswow64\d3dx10_37.dll [MD5.A2650B27472C21CDD817EEEDE65648E1] - [19/06/2016 23:12:02] - |A| - [467984] - C:\Windows\syswow64\d3dx10_38.dll [MD5.E6C2F1D8B667DDC04CB55B9F0159EF97] - [19/06/2016 23:12:03] - |A| - [467984] - C:\Windows\syswow64\d3dx10_39.dll [MD5.91B4AAD4412BB223B466F3DFB43E86DA] - [19/06/2016 23:12:11] - |A| - [452440] - C:\Windows\syswow64\d3dx10_40.dll [MD5.1AA571774936717EE776DBED51E9EDF4] - [19/06/2016 23:12:12] - |A| - [453456] - C:\Windows\syswow64\d3dx10_41.dll [MD5.501AC862517C5445742BEE8A2B88414E] - [19/06/2016 23:12:12] - |A| - [453456] - C:\Windows\syswow64\d3dx10_42.dll [MD5.20C835843FCEC4DEDFCD7BFFA3B91641] - [19/06/2016 20:51:39] - |A| - [470880] - C:\Windows\syswow64\d3dx10_43.dll [MD5.D09AC80A4B5312239852836C84DF3392] - [19/06/2016 23:12:12] - |A| - [235344] - C:\Windows\syswow64\d3dx11_42.dll [MD5.8E0BB968FF41D80E5F2C747C04DB79AE] - [19/06/2016 20:51:39] - |A| - [248672] - C:\Windows\syswow64\d3dx11_43.dll [MD5.BC831661963763AC4D504C5CABB1FDD9] - [19/06/2016 23:11:35] - |A| - [2222800] - C:\Windows\syswow64\d3dx9_24.dll [MD5.5B48FE9D6686F0D54B26A005ACE24D1D] - [19/06/2016 23:11:35] - |A| - [2337488] - C:\Windows\syswow64\d3dx9_25.dll [MD5.523AB607EEF81CC4D909E7FEBD8A788E] - [19/06/2016 23:11:35] - |A| - [2297552] - C:\Windows\syswow64\d3dx9_26.dll [MD5.852EDC778A7A50077694F84D8E601234] - [19/06/2016 23:11:35] - |A| - [2319568] - C:\Windows\syswow64\d3dx9_27.dll [MD5.BE19B603DFBAA829EE5B7749B3BA97DB] - [19/06/2016 23:11:36] - |A| - [2323664] - C:\Windows\syswow64\d3dx9_28.dll [MD5.99F4FC172A5ACE36CF00AA7038D23F2C] - [19/06/2016 23:11:52] - |A| - [2332368] - C:\Windows\syswow64\d3dx9_29.dll [MD5.E415862612E65F10D7D888443ECD7594] - [19/06/2016 23:11:52] - |A| - [2388176] - C:\Windows\syswow64\d3dx9_30.dll [MD5.797E24743937D67D69F28F2CF5052EE8] - [19/06/2016 23:11:54] - |A| - [2414360] - C:\Windows\syswow64\d3dx9_31.dll [MD5.26AF232140C88B42D92A88F2198EDF6A] - [19/06/2016 23:11:54] - |A| - [3426072] - C:\Windows\syswow64\d3dx9_32.dll [MD5.CDB1CD22BAFF21F48606B3C1A18B000B] - [19/06/2016 23:11:55] - |A| - [3495784] - C:\Windows\syswow64\d3dx9_33.dll [MD5.1CA939918ED1B930059B3A882DE6F648] - [19/06/2016 23:11:59] - |A| - [3497832] - C:\Windows\syswow64\d3dx9_34.dll [MD5.3EF18B78D17C962F2B71AC1CB7757684] - [19/06/2016 23:11:59] - |A| - [3727720] - C:\Windows\syswow64\d3dx9_35.dll [MD5.44BFEC5C9C82A2EE9871D88FD3B9A0E2] - [19/06/2016 23:12:00] - |A| - [3734536] - C:\Windows\syswow64\d3dx9_36.dll [MD5.AC3C517FB0FBBE45FE44007BCD3625A7] - [19/06/2016 23:12:01] - |A| - [3786760] - C:\Windows\syswow64\D3DX9_37.dll [MD5.8F3EB548AC4ED90252394F60C77E3196] - [19/06/2016 23:12:02] - |A| - [3850760] - C:\Windows\syswow64\D3DX9_38.dll [MD5.8CB3DEFB8887C4F0846DB1FC1304D6D2] - [19/06/2016 23:12:02] - |A| - [3851784] - C:\Windows\syswow64\D3DX9_39.dll [MD5.EEA5E428CE63804F9B12D21C97B5968F] - [19/06/2016 23:12:11] - |A| - [4379984] - C:\Windows\syswow64\D3DX9_40.dll [MD5.3FA06CF5079B84155D18B05C08F7131B] - [19/06/2016 23:12:12] - |A| - [4178264] - C:\Windows\syswow64\D3DX9_41.dll [MD5.C6A44FC3CF2F5801561804272217B14D] - [19/06/2016 23:12:12] - |A| - [1892184] - C:\Windows\syswow64\D3DX9_42.dll [MD5.86E39E9161C3D930D93822F1563C280D] - [19/06/2016 20:51:39] - |A| - [1998168] - C:\Windows\syswow64\D3DX9_43.dll [MD5.284B59D7B56FC76C80E622AB856B1FAB] - [22/06/2016 01:30:23] - |A| - [80384] - C:\Windows\syswow64\davclnt.dll [MD5.8E8C92DD50F6B34907813AFDC0C8F7DD] - [22/06/2016 01:30:54] - |A| - [2522624] - C:\Windows\syswow64\dbgeng.dll [MD5.53223B673A3FA2F9A4D1C31C8D3F6CD8] - [22/06/2016 01:30:39] - |A| - [854016] - C:\Windows\syswow64\dbghelp.dll [MD5.1E511EE4B9A594078E548186061C3B85] - [20/06/2016 00:44:06] - |A| - [3232] - C:\Windows\syswow64\debug.log [MD5.73CB55D2E8099D24FD077C990FFE3DDB] - [22/06/2016 01:30:05] - |A| - [220672] - C:\Windows\syswow64\defaultlocationcpl.dll [MD5.079D12BFED9E3E03D02A44BAF8FFA3A9] - [22/06/2016 01:29:28] - |A| - [128000] - C:\Windows\syswow64\desk.cpl [MD5.2A39F32E0067CBF221611FE1FA8C6D8F] - [22/06/2016 01:29:58] - |A| - [484864] - C:\Windows\syswow64\DeviceCenter.dll [MD5.5DC6DBFC22911C58FD2C9208A9756021] - [22/06/2016 01:29:42] - |A| - [211456] - C:\Windows\syswow64\DevicePairingFolder.dll [MD5.FB036244DBD2FADC225AD8650886B641] - [22/06/2016 01:29:52] - |A| - [586752] - C:\Windows\syswow64\dfrgui.exe [MD5.518318A103C888001054EFA1236E5033] - [22/06/2016 01:31:39] - |A| - [1130824] - C:\Windows\syswow64\dfshim.dll [MD5.E9E01EB683C132F7FA27CD607B8A2B63] - [22/06/2016 01:30:40] - |A| - [254464] - C:\Windows\syswow64\dhcpcore.dll [MD5.2C60338287CB0AEC009D0B48CEA864D2] - [22/06/2016 01:29:28] - |A| - [133632] - C:\Windows\syswow64\diskpart.exe [MD5.BF1EAD0561F37CEA65F76DD276F90E04] - [22/06/2016 01:29:41] - |A| - [276480] - C:\Windows\syswow64\diskraid.exe [MD5.14558D849EC14160AC3DACD8AC36E10A] - [22/06/2016 01:30:08] - |A| - [1040384] - C:\Windows\syswow64\Display.dll [MD5.59DF156711A76BCB993253EC6C9BBF41] - [22/06/2016 01:30:41] - |A| - [270336] - C:\Windows\syswow64\dnsapi.dll [MD5.AD61F7AFE913B2642650504DF283AA63] - [22/06/2016 01:29:28] - |A| - [28672] - C:\Windows\syswow64\dnscacheugc.exe [MD5.7DC1FABD139B6AE5743C5DF75EEC5958] - [22/06/2016 01:30:07] - |A| - [109056] - C:\Windows\syswow64\dnscmmc.dll [MD5.04B88428A872390D235BE52D38A9D4EF] - [22/06/2016 01:30:56] - |A| - [91136] - C:\Windows\syswow64\dot3api.dll [MD5.B06B2FEC249F48C4E7F628B689859AC7] - [22/06/2016 01:30:05] - |A| - [82432] - C:\Windows\syswow64\dot3cfg.dll [MD5.0CE0812F2BDFED908FB1066AD4B868C7] - [22/06/2016 01:29:29] - |A| - [115200] - C:\Windows\syswow64\dot3msm.dll [MD5.8FBE98499ADC541C63BB10B722DA00D4] - [22/06/2016 01:29:53] - |A| - [333824] - C:\Windows\syswow64\dot3ui.dll [MD5.D667E487B72FEB7FFEAD869ECC0467CF] - [22/06/2016 01:29:06] - |A| - [2560] - C:\Windows\syswow64\dpnaddr.dll [MD5.0C0DF0F05BAEA320FA301F34E256E08B] - [22/06/2016 01:29:53] - |A| - [257024] - C:\Windows\syswow64\dpx.dll [MD5.2708C75F1A7FA45403383C7E43A82A81] - [22/06/2016 01:29:35] - |A| - [402944] - C:\Windows\syswow64\drmmgrtn.dll [MD5.ED04627EF998D04182C00ECD211FACBD] - [22/06/2016 01:30:42] - |A| - [323072] - C:\Windows\syswow64\drvstore.dll [MD5.6D666983C638F5E507C4A11AED1291CC] - [22/06/2016 01:29:23] - |A| - [30208] - C:\Windows\syswow64\dsauth.dll [MD5.C9FB8C3D650EF8BD76865EC20A19A5BC] - [22/06/2016 01:30:52] - |A| - [252928] - C:\Windows\syswow64\DShowRdpFilter.dll [MD5.97D7CC94EEA6EBB6B928EA3DD91A2A0C] - [22/06/2016 01:29:58] - |A| - [196608] - C:\Windows\syswow64\dskquoui.dll [MD5.918379B6C94AA59F567E06FB4E0E5E1B] - [22/06/2016 01:29:52] - |A| - [685056] - C:\Windows\syswow64\dsuiext.dll [MD5.497E59D9F01C6F247E72222A61835119] - [22/06/2016 01:31:01] - |A| - [1371136] - C:\Windows\syswow64\dwmcore.dll [MD5.6B5742C830FFADBD9F1BA7AC7B29BB57] - [22/06/2016 01:31:10] - |A| - [1076736] - C:\Windows\syswow64\DWrite.dll [MD5.69C85737F4CA5634E7A19B818579D176] - [22/06/2016 01:29:34] - |A| - [210432] - C:\Windows\syswow64\dxdiagn.dll [MD5.0411B7958C524BB2E91EE1B3035FE321] - [22/06/2016 01:30:39] - |A| - [508416] - C:\Windows\syswow64\dxgi.dll [MD5.1AD13A1281BAC6D90B1512A6FFCBB78C] - [22/06/2016 01:29:22] - |A| - [4096] - C:\Windows\syswow64\dxmasf.dll [MD5.1078F4A06BE5DACDC8429215ADAE8104] - [22/06/2016 01:30:22] - |A| - [630784] - C:\Windows\syswow64\DXPTaskRingtone.dll [MD5.ABA2AAA6F31EE934A76C87B537515EC6] - [22/06/2016 01:30:08] - |A| - [1400320] - C:\Windows\syswow64\DxpTaskSync.dll [MD5.9B9EF57993ECC02CE7469F3F3AC3CE10] - [22/06/2016 01:29:29] - |A| - [242176] - C:\Windows\syswow64\eapp3hst.dll [MD5.6DB7ECBA34165ACB99A1A3C7F739E757] - [22/06/2016 01:29:28] - |A| - [94208] - C:\Windows\syswow64\eappgnui.dll [MD5.9A892B3439884C62B04718F0303A49E9] - [22/06/2016 01:30:21] - |A| - [222208] - C:\Windows\syswow64\eapphost.dll [MD5.3F6D9269E7B3A754B1C2F8533DC7F318] - [22/06/2016 01:30:05] - |A| - [205312] - C:\Windows\syswow64\efscore.dll [MD5.1060D60CCA69A8136A87DBE3C8F4A467] - [22/06/2016 01:29:29] - |A| - [128512] - C:\Windows\syswow64\EhStorAPI.dll [MD5.7B3FD36359DE5D2EE49D213CCAD13427] - [22/06/2016 01:29:24] - |A| - [22528] - C:\Windows\syswow64\elsTrans.dll [MD5.C42C0258F7F20CEC45432496C4650714] - [22/06/2016 01:30:39] - |A| - [534528] - C:\Windows\syswow64\EncDec.dll [MD5.256503028879103E9741A276FA24D65D] - [22/06/2016 01:31:19] - |A| - [1698816] - C:\Windows\syswow64\esent.dll [MD5.050A774CF85E04EE4387515994B8455D] - [22/06/2016 01:30:07] - |A| - [288256] - C:\Windows\syswow64\eudcedit.exe [MD5.53AF1750FD45DDD705C9B68C7DC58827] - [22/06/2016 01:30:39] - |A| - [488448] - C:\Windows\syswow64\evr.dll [MD5.40D777B7A95E00593EB1568C68514493] - [22/06/2016 01:31:10] - |A| - [2616320] - C:\Windows\syswow64\explorer.exe [MD5.E2A17BCC08D92F42E08AF6BA2F93ABA7] - [22/06/2016 01:31:11] - |A| - [1493504] - C:\Windows\syswow64\ExplorerFrame.dll [MD5.1E8D06AAE74FED674C1156B3FEA911C2] - [22/06/2016 01:30:05] - |A| - [320512] - C:\Windows\syswow64\Faultrep.dll [MD5.B70B2E022318E7EF942EEAC7126E6972] - [22/06/2016 01:30:23] - |A| - [124416] - C:\Windows\syswow64\fde.dll [MD5.6F241D9C35D157A376003CDEF2E26CAE] - [22/06/2016 01:30:06] - |A| - [59904] - C:\Windows\syswow64\fdeploy.dll [MD5.18F02C555FBC9885DF9DB77754D6BB9B] - [22/06/2016 01:29:28] - |A| - [62976] - C:\Windows\syswow64\findstr.exe [MD5.84897874906481E0B3F4045DAD90D69F] - [22/06/2016 01:30:07] - |A| - [856576] - C:\Windows\syswow64\FirewallControlPanel.dll [MD5.737AFC772243C75E6AD17A7A8E8E23F9] - [22/06/2016 01:29:53] - |A| - [93696] - C:\Windows\syswow64\fms.dll [MD5.69C81451DCE63069A036FBF646A86996] - [22/06/2016 01:30:06] - |A| - [828928] - C:\Windows\syswow64\fontext.dll [MD5.6036FEA5F21DF7BBE788DF7F070ACB66] - [22/06/2016 01:29:39] - |A| - [70656] - C:\Windows\syswow64\fontsub.dll [MD5.8126CB6DEA909054E4ECA1F0D55B7579] - [22/06/2016 01:29:29] - |A| - [98304] - C:\Windows\syswow64\fphc.dll [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:18] - |D| - [1720320] - C:\Windows\syswow64\fr [MD5.E362FAA5E232D9A326F42D8F78AEA2D8] - [22/06/2016 01:30:21] - |A| - [202752] - C:\Windows\syswow64\framedyn.dll [MD5.D0481FB85BEEDD30A0884BE327880F80] - [22/06/2016 01:30:41] - |A| - [206336] - C:\Windows\syswow64\framedynos.dll [MD5.9996103F8A650BDB3586C9AAE1101912] - [22/06/2016 01:30:05] - |A| - [42496] - C:\Windows\syswow64\ftp.exe [MD5.03A03A453F1AAAE0C73AAAF895321C7A] - [22/06/2016 01:30:07] - |A| - [216576] - C:\Windows\syswow64\FWPUCLNT.DLL [MD5.E84735F79C272FCEC320A6BED2861475] - [22/06/2016 01:29:28] - |A| - [45568] - C:\Windows\syswow64\g711codc.ax [MD5.19BC13711AC403FEB830522E4831701B] - [22/06/2016 01:30:22] - |A| - [2576384] - C:\Windows\syswow64\gameux.dll [MD5.D6D3AD7BF1D6F6CE9547613ED5E170A2] - [22/06/2016 01:30:24] - |A| - [311296] - C:\Windows\syswow64\gdi32.dll [MD5.1ECF8CD26AF7D9555C5B09CC2BDF51EF] - [22/06/2016 01:30:52] - |A| - [584192] - C:\Windows\syswow64\gpprefcl.dll [MD5.CFE599FA85D52F82327FA8C549AD9296] - [22/06/2016 01:30:21] - |A| - [66560] - C:\Windows\syswow64\hbaapi.dll [MD5.C7952D0A4C43A965A1741916BB134751] - [22/06/2016 01:30:07] - |A| - [312832] - C:\Windows\syswow64\hgcpl.dll [MD5.B50ADE806DA25E20449C3EC822F2A24A] - [22/06/2016 01:29:23] - |A| - [386048] - C:\Windows\syswow64\html.iec [MD5.8CD1DEE212E52B9C22E66DBA44991D32] - [22/06/2016 01:29:53] - |A| - [34816] - C:\Windows\syswow64\httpapi.dll [MD5.EB9B8B2C75FFC489F57E16794FD41215] - [22/06/2016 01:30:06] - |A| - [78848] - C:\Windows\syswow64\iasacct.dll [MD5.186147C89867B66CB02667D4037C7550] - [22/06/2016 01:30:05] - |A| - [172032] - C:\Windows\syswow64\iasrad.dll [MD5.4EA584FCC419E66E9ADCEEAE0B0A7301] - [22/06/2016 01:29:28] - |A| - [122880] - C:\Windows\syswow64\iasrecst.dll [MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - [22/06/2016 01:29:28] - |A| - [82944] - C:\Windows\syswow64\iccvid.dll [MD5.0EE3BD34729C40BD0853825753ACB319] - [22/06/2016 01:30:34] - |A| - [176128] - C:\Windows\syswow64\ie4uinit.exe [MD5.0E4A28030C7C6B8A57A60BAF494B114D] - [22/06/2016 01:30:56] - |A| - [389120] - C:\Windows\syswow64\iedkcs32.dll [MD5.4619E14B2DF4137907CD988ACA4B30A5] - [22/06/2016 01:31:22] - |A| - [10990080] - C:\Windows\syswow64\ieframe.dll [MD5.B54856B913CCBF23F456F87148F42920] - [22/06/2016 01:30:22] - |A| - [186368] - C:\Windows\syswow64\iepeers.dll [MD5.683E0C9DA9E1EB9E4691DFAE0EC83E36] - [22/06/2016 01:31:20] - |A| - [2064384] - C:\Windows\syswow64\iertutil.dll [MD5.3F0C0726F7C24E852D1590ABE721877D] - [22/06/2016 01:30:05] - |A| - [114688] - C:\Windows\syswow64\iesysprep.dll [MD5.EB93C2852842F76872DCFB19735775DC] - [22/06/2016 01:30:05] - |A| - [139264] - C:\Windows\syswow64\ieUnatt.exe [MD5.82A9C6ADDCC4D392293AF15C09192DEC] - [22/06/2016 01:30:05] - |A| - [148992] - C:\Windows\syswow64\ifsutil.dll [MD5.B2FD31E20B423335FE3273B4BF95813C] - [22/06/2016 01:29:29] - |A| - [155136] - C:\Windows\syswow64\imagehlp.dll [MD5.2D11BC8B460957E62E4420373A0D8BDA] - [22/06/2016 01:30:22] - |A| - [392192] - C:\Windows\syswow64\imapi2.dll [MD5.7A82634C75F5CD12EFCF43897A2E28CE] - [22/06/2016 01:30:49] - |A| - [732160] - C:\Windows\syswow64\imapi2fs.dll [MD5.93117349047DDB7B3FF24EB006207606] - [22/06/2016 01:29:45] - |A| - [34304] - C:\Windows\syswow64\imgutil.dll [MD5.AC32AF909111561893E42E8EC89C5532] - [22/06/2016 01:29:28] - |A| - [1027584] - C:\Windows\syswow64\IMJP10.IME [MD5.41EE23F636C6E9BDE5E8C09454CBEEFD] - [22/06/2016 01:29:23] - |A| - [430080] - C:\Windows\syswow64\imkr80.ime [MD5.A6F09E5669D9A19035F6D942CAA15882] - [22/06/2016 01:29:24] - |A| - [119808] - C:\Windows\syswow64\imm32.dll [MD5.A8087578D186C9934DF853D873034B3B] - [22/06/2016 01:30:40] - |A| - [741376] - C:\Windows\syswow64\inetcomm.dll [MD5.689C8B052E742E054402359F3685FE10] - [22/06/2016 01:30:20] - |A| - [1466368] - C:\Windows\syswow64\inetcpl.cpl [MD5.BF7DDBE14FA4B68AAB6A3C78EF5C96B8] - [22/06/2016 01:29:28] - |A| - [52736] - C:\Windows\syswow64\inetmib1.dll [MD5.9B9A0802B4E34CC4D9DB04AB6ABFA8AE] - [22/06/2016 01:29:35] - |A| - [202240] - C:\Windows\syswow64\input.dll [MD5.1A592132917CB343E692B419C2A1BD9F] - [22/06/2016 01:29:34] - |A| - [96256] - C:\Windows\syswow64\inseng.dll [MD5.0FE24BD8E67F3A6757A5D193A7A9B287] - [22/06/2016 01:30:05] - |A| - [345088] - C:\Windows\syswow64\intl.cpl [MD5.A90DC9ABD65DB1A8902F361103029952] - [22/06/2016 01:30:21] - |A| - [103936] - C:\Windows\syswow64\IPHLPAPI.DLL [MD5.D8B2F66671C13C4C2F22FE3A588945F8] - [22/06/2016 01:30:05] - |A| - [271360] - C:\Windows\syswow64\iprtrmgr.dll [MD5.B1603F0A972B94927B8EF5F04DF11855] - [22/06/2016 01:30:21] - |A| - [400896] - C:\Windows\syswow64\ipsmsnap.dll [MD5.4542DED3177F52CF075565987885EB0D] - [22/06/2016 01:29:28] - |A| - [144896] - C:\Windows\syswow64\iscsicli.exe [MD5.98F657555DD1C1A30362927DF8FBB266] - [22/06/2016 01:29:29] - |A| - [28672] - C:\Windows\syswow64\iscsium.dll [MD5.3FE9A20ECA67745948FD536F8A9E00D9] - [22/06/2016 01:29:53] - |A| - [86528] - C:\Windows\syswow64\isoburn.exe [MD5.100733DAEA508929EDDF1A3A3B7324CE] - [22/06/2016 01:29:28] - |A| - [158720] - C:\Windows\syswow64\itircl.dll [MD5.00F48A9D03F672F7EBE601FFA9BB6F28] - [22/06/2016 01:29:34] - |A| - [219648] - C:\Windows\syswow64\iTVData.dll [MD5.55663BED58AEDDE8ADE37A582CD8380C] - [22/06/2016 01:29:29] - |A| - [50176] - C:\Windows\syswow64\iyuv_32.dll [MD5.F22F10918F02BC39F7EA93455A2D8CD7] - [22/06/2016 01:30:40] - |A| - [716800] - C:\Windows\syswow64\jscript.dll [MD5.9271FEAC9A9315BBE57AF7FDF015F149] - [22/06/2016 01:29:19] - |A| - [6656] - C:\Windows\syswow64\KBDBASH.DLL [MD5.FEA475B6EA19F97552FF8DB32A7CA466] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDBLR.DLL [MD5.3B98C3BA686360321BAA7CD3B1596BEE] - [22/06/2016 01:29:19] - |A| - [6656] - C:\Windows\syswow64\KBDBULG.DLL [MD5.D6801E2ABA69BC4E3D054B95672D2375] - [22/06/2016 01:29:20] - |A| - [7680] - C:\Windows\syswow64\KBDCZ1.DLL [MD5.3296259F0A8869B43ED7A1780019A3B6] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDGEO.DLL [MD5.4A386B6D98985211DD53230E021D96DB] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\syswow64\KBDGKL.DLL [MD5.2D4B571E791864812B1E16593DB04059] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\syswow64\KBDGR1.DLL [MD5.8023492406076F27EE87F9FB797306BA] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDINBEN.DLL [MD5.50FBE3673400D829F1B2F862E506B7DE] - [22/06/2016 01:29:20] - |A| - [7168] - C:\Windows\syswow64\KBDINHIN.DLL [MD5.E48A447DC871F38DCBE1E6968BAC724B] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDINKAN.DLL [MD5.7E6E8F04A776F832809BD983AE754C09] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDINMAR.DLL [MD5.3BF12A89957899B2051F681478D4BCC3] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDINORI.DLL [MD5.238B267A88D47051F681E08B323BA61A] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDINTAM.DLL [MD5.38F0CE2CAAD25209E332E4F6875408E4] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDINTEL.DLL [MD5.7092786358683785D33750D5065E582B] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\syswow64\kbdlk41a.dll [MD5.1CB227CE60A8FC9B6CFDC52842F27A8E] - [22/06/2016 01:29:19] - |A| - [6656] - C:\Windows\syswow64\KBDLT1.DLL [MD5.A6D9ECB19815C28B7F46CD7C78277A90] - [22/06/2016 01:29:19] - |A| - [6656] - C:\Windows\syswow64\KBDMAORI.DLL [MD5.51844675D4825C7C0DA4CABB339076BA] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDMON.DLL [MD5.A17F329C13843466533858226FA79863] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDNEPR.DLL [MD5.FB675B46C2CD4A6CFBF2E4FC1E9E78D8] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDPO.DLL [MD5.2272041C588CFC769B81B7CF1DEF8C85] - [22/06/2016 01:29:19] - |A| - [7168] - C:\Windows\syswow64\KBDSF.DLL [MD5.088F89DE9FC7B7B2987A8FD56283E8AE] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\syswow64\KBDSG.DLL [MD5.BB6A8AF899EF1B083D5598E4FC5AFCEF] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDTAJIK.DLL [MD5.CE2900082FA2FCFF84DB7C54E8157AE7] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\syswow64\KBDTUF.DLL [MD5.15A3B56FC389403885B34D80F16F7F19] - [22/06/2016 01:29:21] - |A| - [7680] - C:\Windows\syswow64\KBDTUQ.DLL [MD5.3CA70549F8DAD444D338C1764DBECE8A] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDTURME.DLL [MD5.E78640D09AD4B39741DB1348977F7440] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDUGHR1.DLL [MD5.71C4F42DC8DB668E826DA79462EA741E] - [22/06/2016 01:29:20] - |A| - [6656] - C:\Windows\syswow64\KBDUS.DLL [MD5.D9415DBA9FC6BAA8858FB0DD7D1176EB] - [22/06/2016 01:31:04] - |A| - [541696] - C:\Windows\syswow64\kerberos.dll [MD5.E80758CF485DB142FCA1EE03A34EAD05] - [22/06/2016 01:30:42] - |A| - [837632] - C:\Windows\syswow64\kernel32.dll [MD5.61EABC3358D869519D851B08C8FA512D] - [22/06/2016 01:29:52] - |A| - [269824] - C:\Windows\syswow64\KernelBase.dll [MD5.C140F86932B5B61F54A4D836E2D34AB2] - [22/06/2016 01:29:53] - |A| - [193536] - C:\Windows\syswow64\ksproxy.ax [MD5.E783DE1447EC0EED7B768BB69705D8E3] - [22/06/2016 01:29:29] - |A| - [84480] - C:\Windows\syswow64\kstvtune.ax [MD5.630A31F277349109299E590856A4B004] - [22/06/2016 01:29:29] - |A| - [107008] - C:\Windows\syswow64\Kswdmcap.ax [MD5.3D97D200A1449F3995E88BEA8F7D0C81] - [22/06/2016 01:29:28] - |A| - [48640] - C:\Windows\syswow64\ksxbar.ax [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/06/2016 03:13:41] - |A| - [0] - C:\Windows\syswow64\last.dump [MD5.DF3D58359C42F4D8F93B3732ADF03F09] - [22/06/2016 01:30:09] - |A| - [44544] - C:\Windows\syswow64\licmgr10.dll [MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - [22/06/2016 01:31:04] - |A| - [419880] - C:\Windows\syswow64\locale.nls [MD5.573EF199073CE66169B4A8166EB8581B] - [22/06/2016 01:30:06] - |A| - [429056] - C:\Windows\syswow64\localsec.dll [MD5.EA7D55E6964AA852BC7AE6F1C3349A55] - [22/06/2016 01:29:32] - |A| - [95232] - C:\Windows\syswow64\logagent.exe [MD5.2F3FD95C12AAED396EB1FFE4AF919BFF] - [22/06/2016 01:29:29] - |A| - [82944] - C:\Windows\syswow64\logman.exe [MD5.8EA53101FF2B15BDFF934B62A8FB326D] - [22/06/2016 01:30:07] - |A| - [127488] - C:\Windows\syswow64\logoncli.dll [MD5.A29E036A5A3B37C7530F3EA1CF385129] - [22/06/2016 01:29:29] - |A| - [21504] - C:\Windows\syswow64\lsmproxy.dll [MD5.C2DF5544931944AE00C59A0B3080EBFE] - [22/06/2016 01:29:28] - |A| - [41984] - C:\Windows\syswow64\luainstall.dll [MD5.BA2B249CD7C8CE15E1A8D69ECAEE5FA3] - [22/06/2016 01:30:06] - |A| - [516096] - C:\Windows\syswow64\main.cpl [MD5.8BC9DB92C4B2F3BE89185BEAB2AFC1F6] - [22/06/2016 01:29:29] - |A| - [76800] - C:\Windows\syswow64\mapi32.dll [MD5.8BC9DB92C4B2F3BE89185BEAB2AFC1F6] - [22/06/2016 01:29:29] - |A| - [76800] - C:\Windows\syswow64\mapistub.dll [MD5.99DE7F0838685CE9F4C39E58FEE6F48B] - [19/06/2016 19:27:50] - |A| - [790272] - C:\Windows\syswow64\MaxxAudioAPOShell.dll [MD5.5232D090B7540F90E9BF6DDC2EBB5CA2] - [22/06/2016 01:30:42] - |A| - [220672] - C:\Windows\syswow64\mcbuilder.exe [MD5.477B711EBF491226FA40301290F66BAC] - [22/06/2016 01:30:05] - |A| - [312168] - C:\Windows\syswow64\MCEWMDRMNDBootstrap.dll [MD5.451E47CF063A37D105A1D2111FD4C4E5] - [22/06/2016 01:29:43] - |A| - [84480] - C:\Windows\syswow64\mciavi32.dll [MD5.AA5F3F417DF0F470D67A7862451EA8E1] - [22/06/2016 01:29:28] - |A| - [36352] - C:\Windows\syswow64\mciqtz32.dll [MD5.3206ADC4D06BB764C9A4936C8E22708C] - [22/06/2016 01:30:05] - |A| - [266752] - C:\Windows\syswow64\MediaMetadataHandler.dll [MD5.FDBA1DEC4F9BE4274A00B9B850C63484] - [22/06/2016 01:31:21] - |A| - [3207680] - C:\Windows\syswow64\mf.dll [MD5.2A6C1373D88B6D5933383B9F5C034CB9] - [22/06/2016 01:31:28] - |A| - [954752] - C:\Windows\syswow64\mfc40.dll [MD5.AB9EB3745B03AE67AB241A82338DEA7B] - [22/06/2016 01:31:28] - |A| - [954288] - C:\Windows\syswow64\mfc40u.dll [MD5.A24743B58E597C95F71E22C8114D47A5] - [22/06/2016 01:30:24] - |A| - [1163264] - C:\Windows\syswow64\mfc42u.dll [MD5.71D5EBEFC617B84E1136F3F0E07A88F5] - [22/06/2016 01:30:41] - |A| - [296448] - C:\Windows\syswow64\mfds.dll [MD5.9204A9C716B7B4AA451010DEDB0BB5BE] - [22/06/2016 01:29:29] - |A| - [176128] - C:\Windows\syswow64\MFPlay.dll [MD5.BFEBB6F76A0988A38260870C61A6D1B7] - [22/06/2016 01:30:39] - |A| - [196608] - C:\Windows\syswow64\mfreadwrite.dll [MD5.6EC16BBD14906A59EA8A9A3F71B7F9AD] - [22/06/2016 01:29:53] - |A| - [101888] - C:\Windows\syswow64\migisol.dll [MD5.B81E879AE660F9D244FC20EC8A26783E] - [22/06/2016 01:30:21] - |A| - [42496] - C:\Windows\syswow64\mimefilt.dll [MD5.653CF8E759C4B13C5507B70BD383F158] - [22/06/2016 01:30:52] - |A| - [2151936] - C:\Windows\syswow64\mmcndmgr.dll [MD5.243974EC02F7AE49E4179C54624143AB] - [22/06/2016 01:30:23] - |A| - [213504] - C:\Windows\syswow64\MMDevAPI.dll [MD5.53E054880ADBB856ECE6EB10EDBB8A32] - [22/06/2016 01:30:20] - |A| - [905216] - C:\Windows\syswow64\mmsys.cpl [MD5.CCA67BD391CFC9F036323B2522887A6A] - [22/06/2016 01:29:28] - |A| - [101376] - C:\Windows\syswow64\mobsync.exe [MD5.E9AEF26AEEBFAAB901FAB3D93677DF98] - [22/06/2016 01:29:29] - |A| - [72704] - C:\Windows\syswow64\Mpeg2Data.ax [MD5.B64D80C7B5A3441530E26DCFD06951A7] - [22/06/2016 01:29:53] - |A| - [199680] - C:\Windows\syswow64\mpg2splt.ax [MD5.D4191EFAB91E00FC09257AA5EBAF503B] - [22/06/2016 01:29:29] - |A| - [158720] - C:\Windows\syswow64\mprapi.dll [MD5.D56D2F498713BD66F50763D5285F4F38] - [22/06/2016 01:30:06] - |A| - [268800] - C:\Windows\syswow64\mprddm.dll [MD5.DC190EB70C5C15BB087F893D6E77E5C6] - [22/06/2016 01:30:06] - |A| - [226304] - C:\Windows\syswow64\MSAC3ENC.DLL [MD5.938F39B50BAFE13D6F58C7790682C010] - [22/06/2016 01:30:22] - |A| - [34304] - C:\Windows\syswow64\msasn1.dll [MD5.7F8678C59F188528D60104E697C2361E] - [22/06/2016 01:30:06] - |A| - [481792] - C:\Windows\syswow64\mscms.dll [MD5.D83947A58613E9091B4C9CC0F1546A8D] - [22/06/2016 01:31:21] - |A| - [297808] - C:\Windows\syswow64\mscoree.dll [MD5.D5291C38F1AF2107810A24C6059F9EFD] - [22/06/2016 01:30:20] - |A| - [155472] - C:\Windows\syswow64\mscorier.dll [MD5.75C59DFB82BBB997EB702BE0770619C2] - [22/06/2016 01:30:06] - |A| - [80720] - C:\Windows\syswow64\mscories.dll [MD5.7069AAB8536F29ED7323140973A2894B] - [22/06/2016 01:29:28] - |A| - [30720] - C:\Windows\syswow64\msdmo.dll [MD5.B350525D71B42CF9366AF7443BBA21E6] - [22/06/2016 01:30:48] - |A| - [341504] - C:\Windows\syswow64\msdrm.dll [MD5.2883942DF154A6CEBDB75B42C0093CF3] - [22/06/2016 01:29:28] - |A| - [59904] - C:\Windows\syswow64\MSDvbNP.ax [MD5.1AD13A1281BAC6D90B1512A6FFCBB78C] - [22/06/2016 01:29:22] - |A| - [4096] - C:\Windows\syswow64\msdxm.ocx [MD5.394AC8963E832B58A7A9FD0B194D7D8D] - [22/06/2016 01:30:56] - |A| - [599552] - C:\Windows\syswow64\msfeeds.dll [MD5.E4F28616800A35987EBE84294EC4461C] - [22/06/2016 01:29:45] - |A| - [64512] - C:\Windows\syswow64\msfeedsbs.dll [MD5.667CCB1A75CE6853B08CE16EA908BB88] - [22/06/2016 01:29:24] - |A| - [12800] - C:\Windows\syswow64\msfeedssync.exe [MD5.3A16EA01FCFAAB40882DB5BFEE632322] - [22/06/2016 01:29:53] - |A| - [592384] - C:\Windows\syswow64\msftedit.dll [MD5.C50799F0D47DFB9774F721521B6C41D5] - [22/06/2016 01:31:33] - |A| - [5977600] - C:\Windows\syswow64\mshtml.dll [MD5.3C978218A87248FA7D1BD33C8AC7B447] - [22/06/2016 01:29:29] - |A| - [67072] - C:\Windows\syswow64\mshtmled.dll [MD5.0CE4D3BD306DA6D1F6F233C403F5B667] - [22/06/2016 01:30:24] - |A| - [2341376] - C:\Windows\syswow64\msi.dll [MD5.067ADF4DFA75CE40ADE163A5933E8953] - [22/06/2016 01:30:05] - |A| - [301568] - C:\Windows\syswow64\msieftp.dll [MD5.EEE470F2A771FC0B543BDEEF74FCECA0] - [22/06/2016 01:29:29] - |A| - [73216] - C:\Windows\syswow64\msiexec.exe [MD5.DFEC71402D544893908744E4863DC969] - [22/06/2016 01:30:20] - |A| - [337408] - C:\Windows\syswow64\msihnd.dll [MD5.5F2122888583347C9B81724CF169EFC6] - [22/06/2016 01:30:21] - |A| - [303104] - C:\Windows\syswow64\msinfo32.exe [MD5.CBBD4D79EEC3EF5A4ADAE9697944C6B9] - [22/06/2016 01:30:22] - |A| - [830464] - C:\Windows\syswow64\MSMPEG2ENC.DLL [MD5.CB9EF09B4BF03F8DE663B3F55D61A8E9] - [22/06/2016 01:29:29] - |A| - [265216] - C:\Windows\syswow64\msnetobj.dll [MD5.6E79D0D90AB03DC45AFACA52A6699963] - [22/06/2016 01:30:13] - |A| - [204288] - C:\Windows\syswow64\MSNP.ax [MD5.0AEE06C1CB1123AE2C9873908DB59BAF] - [22/06/2016 01:29:28] - |A| - [176128] - C:\Windows\syswow64\msorcl32.dll [MD5.9B6B7078934E30B39104951DFEA32EFB] - [22/06/2016 01:29:45] - |A| - [195072] - C:\Windows\syswow64\msrating.dll [MD5.04FAE971A77E76B3F4EF44053AEE0905] - [22/06/2016 01:29:29] - |A| - [13312] - C:\Windows\syswow64\msrle32.dll [MD5.510B493DF0DD669E60879B6B19E9B949] - [22/06/2016 01:29:42] - |A| - [504320] - C:\Windows\syswow64\msscp.dll [MD5.069E02992AF1732E2F95980F7C590758] - [22/06/2016 01:30:07] - |A| - [197120] - C:\Windows\syswow64\mssphtb.dll [MD5.FBE743D60132CFA9982860C8E2D99154] - [22/06/2016 01:31:20] - |A| - [1401344] - C:\Windows\syswow64\mssrch.dll [MD5.285354B4C28567054F9E382EAC540D05] - [22/06/2016 01:30:21] - |A| - [666624] - C:\Windows\syswow64\mssvp.dll [MD5.C5A99A4C0DC9F0F5A95BA0C83D30A549] - [22/06/2016 01:29:48] - |A| - [209920] - C:\Windows\syswow64\mstask.dll [MD5.511BA94873CF89D648B7A8496633098A] - [22/06/2016 01:30:59] - |A| - [606208] - C:\Windows\syswow64\mstime.dll [MD5.68B4A549D0B56A4DD9A488751037CF09] - [22/06/2016 01:31:07] - |A| - [1049600] - C:\Windows\syswow64\mstsc.exe [MD5.46BFF575BA1EF3226011E58903C47DDC] - [22/06/2016 01:31:34] - |A| - [3215872] - C:\Windows\syswow64\mstscax.dll [MD5.56CEED370508F69A1BA04939BD1BADDA] - [22/06/2016 01:30:21] - |A| - [167936] - C:\Windows\syswow64\msutb.dll [MD5.4C1E16B9A53102C8D6FBA587CBCB95DE] - [22/06/2016 01:30:50] - |A| - [257024] - C:\Windows\syswow64\msv1_0.dll [MD5.C335EC1182AC10B188705554E0BC1186] - [22/06/2016 01:29:45] - |A| - [120320] - C:\Windows\syswow64\msvfw32.dll [MD5.45DC6C69CE5759666EC758BAD657B040] - [22/06/2016 01:29:29] - |A| - [31744] - C:\Windows\syswow64\msvidc32.dll [MD5.59D16C3D5CC0D573256A01783ED5CCB4] - [22/06/2016 01:30:54] - |A| - [2291712] - C:\Windows\syswow64\MSVidCtl.dll [MD5.8999B8631C7FD9F7F9EC3CAFD953BA24] - [22/06/2016 01:30:40] - |A| - [232448] - C:\Windows\syswow64\mswsock.dll [MD5.4205CA4CD43E725DB9FF02B0A588A8C6] - [22/06/2016 01:30:39] - |A| - [1236992] - C:\Windows\syswow64\msxml3.dll [MD5.269D867585CDA04D3972A39F3694E7DF] - [22/06/2016 01:31:02] - |A| - [1390080] - C:\Windows\syswow64\msxml6.dll [MD5.D30117DB43F48C4DBA9B41C08156A339] - [22/06/2016 01:29:29] - |A| - [22528] - C:\Windows\syswow64\msyuv.dll [MD5.8483DD8F87DBE86AAB55BBF95C207061] - [22/06/2016 01:30:08] - |A| - [320512] - C:\Windows\syswow64\mtxclu.dll [MD5.5F8B3561CD7024C0F488A2E43434AE22] - [22/06/2016 01:29:28] - |A| - [13312] - C:\Windows\syswow64\muifontsetup.dll [MD5.7BD10646253ED4F6FD361279181362E7] - [22/06/2016 01:29:28] - |A| - [70656] - C:\Windows\syswow64\MuiUnattend.exe [MD5.50BB4FBC720D23497EEB5C9DAC497405] - [22/06/2016 01:29:28] - |A| - [136192] - C:\Windows\syswow64\mydocs.dll [MD5.D15880276D208AF03521B8F922C1F3B5] - [22/06/2016 01:29:29] - |A| - [221184] - C:\Windows\syswow64\Mystify.scr [MD5.93C4029DABC19166076BE347283AB969] - [22/06/2016 01:29:35] - |A| - [46080] - C:\Windows\syswow64\NAPCRYPT.DLL [MD5.9E122E5CD1BB79CF8F0BCEAC947B81C0] - [22/06/2016 01:29:23] - |A| - [68096] - C:\Windows\syswow64\napdsnap.dll [MD5.E9CFC1884D1E579E82073103827FA62B] - [22/06/2016 01:29:53] - |A| - [107008] - C:\Windows\syswow64\NAPHLPR.DLL [MD5.8B57A1AD493653BB57F281FE75DD175B] - [22/06/2016 01:30:39] - |A| - [801280] - C:\Windows\syswow64\NaturalLanguage6.dll [MD5.45D9F6CD2469CDB6A640DD4BD2B01471] - [22/06/2016 01:30:09] - |A| - [78848] - C:\Windows\syswow64\nci.dll [MD5.33CDDA42E768A997827CC480EC13DAD5] - [22/06/2016 01:29:29] - |A| - [60928] - C:\Windows\syswow64\ncryptui.dll [MD5.75EA62927355189876081EF863064982] - [22/06/2016 01:30:40] - |A| - [152064] - C:\Windows\syswow64\ncsi.dll [MD5.2041012726EF7C95ED51C15C56545A7F] - [22/06/2016 01:30:24] - |A| - [142336] - C:\Windows\syswow64\net1.exe [MD5.8CE1A6D16B9077E91E192499EB611C5F] - [22/06/2016 01:29:28] - |A| - [56832] - C:\Windows\syswow64\netapi32.dll [MD5.02C25A63D58FC12DEA8FA4ECDB832CC0] - [22/06/2016 01:29:28] - |A| - [24064] - C:\Windows\syswow64\netbtugc.exe [MD5.5ABBEF3B5984C29BD9D7CB1C7F35B323] - [22/06/2016 01:30:06] - |A| - [1644032] - C:\Windows\syswow64\netcenter.dll [MD5.1FF7E4F548C7C372C804938F0D5B36AE] - [22/06/2016 01:30:52] - |A| - [406528] - C:\Windows\syswow64\netcfgx.dll [MD5.C6FA3CBF5C6BD7B9BCB63441C6D67EA7] - [22/06/2016 01:30:23] - |A| - [225792] - C:\Windows\syswow64\netdiagfx.dll [MD5.C02F50BBC064689FE3FCD89348C884EB] - [22/06/2016 01:30:51] - |A| - [49488] - C:\Windows\syswow64\netfxperf.dll [MD5.67BCB4490E9C7307E39C150CC09BEF9A] - [22/06/2016 01:30:15] - |A| - [117248] - C:\Windows\syswow64\netid.dll [MD5.38CACBEB75E3F85CBF7E65522DFDA1B0] - [22/06/2016 01:30:21] - |A| - [166400] - C:\Windows\syswow64\netiohlp.dll [MD5.D4496F4DC6B90F6915CEB1DB20B44C07] - [22/06/2016 01:29:28] - |A| - [25600] - C:\Windows\syswow64\netiougc.exe [MD5.E343CABBD8D600ABAF3F11625D33B3D0] - [22/06/2016 01:30:06] - |A| - [161792] - C:\Windows\syswow64\netjoin.dll [MD5.C1809B9907ADEDAF16F50C894100883B] - [22/06/2016 01:30:54] - |A| - [563712] - C:\Windows\syswow64\netlogon.dll [MD5.E62AA52713617C1F402829EBF79653AB] - [22/06/2016 01:29:53] - |A| - [175616] - C:\Windows\syswow64\netplwiz.dll [MD5.EAB975DB4C2805927FE5BD047D05C9AA] - [22/06/2016 01:30:33] - |A| - [2494464] - C:\Windows\syswow64\netshell.dll [MD5.20B3934DB73EABA2B49B7177873CB81F] - [22/06/2016 01:29:28] - |A| - [22528] - C:\Windows\syswow64\netutils.dll [MD5.3D57FFBAD3ED16B63DE3879BAB0FB56F] - [22/06/2016 01:29:35] - |A| - [1661440] - C:\Windows\syswow64\networkexplorer.dll [MD5.EA72CAE0FFA2D86522888320ADE6B33E] - [22/06/2016 01:30:06] - |A| - [2130944] - C:\Windows\syswow64\networkmap.dll [MD5.104A1070E90F1C530328E69B49718841] - [22/06/2016 01:29:53] - |A| - [52224] - C:\Windows\syswow64\nlaapi.dll [MD5.D35F4DFF5D7B3D6503CF9888B833C801] - [22/06/2016 01:29:06] - |A| - [69120] - C:\Windows\syswow64\nlsbres.dll [MD5.404B123E9460395E3A7338B12C681B92] - [22/06/2016 01:29:53] - |A| - [346112] - C:\Windows\syswow64\nshipsec.dll [MD5.0B09C2A5AE40C10FF8C2CA80143B8AC2] - [22/06/2016 01:29:53] - |A| - [656384] - C:\Windows\syswow64\nshwfp.dll [MD5.5E3830EE3282A53920E00784FEC44CFD] - [22/06/2016 01:29:43] - |A| - [98304] - C:\Windows\syswow64\nslookup.exe [MD5.D124F55B9393C976963407DFF51FFA79] - [22/06/2016 01:31:04] - |A| - [1292096] - C:\Windows\syswow64\ntdll.dll [MD5.102A6182087B18C795664BCD22EB52E9] - [20/06/2016 23:23:52] - |A| - [3967872] - C:\Windows\syswow64\ntkrnlpa.exe [MD5.D7B7159BC8374E87D8C45A30377A3440] - [22/06/2016 01:29:58] - |A| - [69120] - C:\Windows\syswow64\ntlanman.dll [MD5.5D21C487F79F8245E799071589E035BF] - [20/06/2016 23:23:51] - |A| - [3912576] - C:\Windows\syswow64\ntoskrnl.exe [MD5.89F5770AD1E9D9CEF93D00303135EC33] - [22/06/2016 01:29:57] - |A| - [297472] - C:\Windows\syswow64\ntprint.dll [MD5.EB77DB354791A5932CA559B6F6374E95] - [22/06/2016 01:30:22] - |A| - [442880] - C:\Windows\syswow64\ntshrui.dll [MD5.E7DE1E8FD721BFD89B9F586272FBA14C] - [19/06/2016 21:19:49] - |A| - [594] - C:\Windows\syswow64\nv-vk32.json [MD5.9652C2BD7A22B16BC9DCFCA4AF07DC01] - [19/06/2016 20:48:53] - |A| - [3383472] - C:\Windows\syswow64\nvapi.dll [MD5.3CFC92C43EE7723A3CD0C84FDD2DCA2D] - [20/06/2016 01:20:34] - |A| - [102976] - C:\Windows\syswow64\nvaudcap32v.dll [MD5.DBD753B85C912F37838F5FB4390524EF] - [19/06/2016 21:19:49] - |A| - [35115456] - C:\Windows\syswow64\nvcompiler.dll [MD5.23A12C1611432F5800524A72E8147CFE] - [19/06/2016 21:19:49] - |A| - [17738592] - C:\Windows\syswow64\nvcuda.dll [MD5.FCE500F328D35857DCA6AF450FA1FA92] - [19/06/2016 21:19:49] - |A| - [3065280] - C:\Windows\syswow64\nvcuvid.dll [MD5.603DC177F1392325B3573ACB1467EC5E] - [19/06/2016 20:49:03] - |A| - [14346320] - C:\Windows\syswow64\nvd3dum.dll [MD5.53B01564975074C8C916268B22EC3A23] - [19/06/2016 21:19:49] - |A| - [422752] - C:\Windows\syswow64\nvEncodeAPI.dll [MD5.8E159BD339BB77FEBD259C0306C07A5D] - [19/06/2016 21:19:49] - |A| - [565392] - C:\Windows\syswow64\nvfatbinaryLoader.dll [MD5.E799ED9117336BF6C0C74E29227478D9] - [19/06/2016 21:19:49] - |A| - [769984] - C:\Windows\syswow64\NvFBC.dll [MD5.D92321865652E8433C37423A0E3DDEE2] - [19/06/2016 21:19:49] - |A| - [707520] - C:\Windows\syswow64\NvIFR.dll [MD5.A91862D785EF1C42F885A8932C2D5641] - [19/06/2016 21:19:49] - |A| - [379448] - C:\Windows\syswow64\NvIFROpenGL.dll [MD5.D6A677498A709AB65E517FBF2E929FF2] - [19/06/2016 21:19:49] - |A| - [155768] - C:\Windows\syswow64\nvinit.dll [MD5.6CA7B67E7E90493BFE4003C2DEF8F9E3] - [19/06/2016 21:19:49] - |A| - [131768] - C:\Windows\syswow64\nvoglshim32.dll [MD5.D98415AC6298C6ED8924FB4987E89602] - [19/06/2016 21:19:49] - |A| - [25377848] - C:\Windows\syswow64\nvoglv32.dll [MD5.8F88154CF6324D10910E0CADB5758E0B] - [19/06/2016 21:19:49] - |A| - [18143912] - C:\Windows\syswow64\nvopencl.dll [MD5.96A6FD2C85FC9E1A749F0D060DCD393B] - [19/06/2016 21:19:49] - |A| - [8733608] - C:\Windows\syswow64\nvptxJitCompiler.dll [MD5.3B5253E7297081D34F33E25E60CB65F3] - [19/06/2016 20:51:23] - |A| - [1316184] - C:\Windows\syswow64\nvspbridge.dll [MD5.140F1E8FD97ADEBA19D4D90BC2EA83EF] - [19/06/2016 20:51:23] - |A| - [1377800] - C:\Windows\syswow64\nvspcap.dll [MD5.9D8B0F6BA907C95DD5DFF9E91914A2B8] - [19/06/2016 21:23:19] - |A| - [113208] - C:\Windows\syswow64\nvStreaming.exe [MD5.85863C243BABB2C8492A658B6B603434] - [19/06/2016 21:19:49] - |A| - [394912] - C:\Windows\syswow64\nvumdshim.dll [MD5.61CAFD5E75D9181E46D1DA548E6AE3B6] - [19/06/2016 21:19:49] - |A| - [16756888] - C:\Windows\syswow64\nvwgf2um.dll [MD5.6AB21F19D02E37F87EB09482B57D35E5] - [22/06/2016 01:29:46] - |A| - [153088] - C:\Windows\syswow64\occache.dll [MD5.1274A7FD37E2DA781282CEE1D2131374] - [22/06/2016 01:29:35] - |A| - [174592] - C:\Windows\syswow64\ocsetapi.dll [MD5.B4D3BDF863B81BF84658396666CF7200] - [22/06/2016 01:29:52] - |A| - [197632] - C:\Windows\syswow64\ocsetup.exe [MD5.7D34AF98A706230CC2DEDFE0CABF87AB] - [22/06/2016 01:31:00] - |A| - [573440] - C:\Windows\syswow64\odbc32.dll [MD5.6E2C504C11A2D0B3820EDAF66E6DF06B] - [22/06/2016 01:29:28] - |A| - [40960] - C:\Windows\syswow64\odbcconf.dll [MD5.29C620A02D9703AC81FD666C3EF082C2] - [22/06/2016 01:29:35] - |A| - [122880] - C:\Windows\syswow64\odbccp32.dll [MD5.477C4F443B046A05A2758471E6893E25] - [22/06/2016 01:30:05] - |A| - [319488] - C:\Windows\syswow64\odbcjt32.dll [MD5.E715C4BA7BB5C8594DD8BB88FD030477] - [22/06/2016 01:29:29] - |A| - [163840] - C:\Windows\syswow64\odbctrac.dll [MD5.928CF7268086631F54C3D8E17238C6DD] - [22/06/2016 01:31:11] - |A| - [1414144] - C:\Windows\syswow64\ole32.dll [MD5.028D74F61952756C9DFFF7969162BB39] - [22/06/2016 01:30:09] - |A| - [571904] - C:\Windows\syswow64\oleaut32.dll [MD5.703FFD301AB900B047337C5D40FD6F96] - [22/06/2016 01:29:35] - |A| - [90112] - C:\Windows\syswow64\olepro32.dll [MD5.B21B85E60DA18D7D338599D95D4CB211] - [22/06/2016 01:29:29] - |A| - [77824] - C:\Windows\syswow64\olethk32.dll [MD5.F748F53FE09D21D8ECBB6421E6792024] - [22/06/2016 01:30:21] - |A| - [199168] - C:\Windows\syswow64\onex.dll [MD5.A77E0E5B15E6956C19E7269566ABE6C7] - [22/06/2016 01:29:35] - |A| - [1111552] - C:\Windows\syswow64\onexui.dll [MD5.4A6554C141450D2B6AA6DE17A298AEDA] - [22/06/2016 01:30:05] - |A| - [218112] - C:\Windows\syswow64\OnLineIDCpl.dll [MD5.468D6989581E6AEA75DE74D4B3722CC3] - [22/06/2016 01:29:58] - |A| - [859648] - C:\Windows\syswow64\OobeFldr.dll [MD5.37485CC09B7E6E70093A4DF62B3CC744] - [22/06/2016 01:29:29] - |A| - [1160192] - C:\Windows\syswow64\OpcServices.dll [MD5.DC6A35DF87F75D4263C9FA0A39F610C8] - [19/06/2016 20:50:17] - |A| - [105288] - C:\Windows\syswow64\OpenCL.dll [MD5.487F44B08EFEAF5AD087878357B9403D] - [22/06/2016 01:29:29] - |A| - [236544] - C:\Windows\syswow64\pdh.dll [MD5.7B47059ADEA2983C073562DD40F3FD73] - [22/06/2016 01:29:28] - |A| - [46592] - C:\Windows\syswow64\pdhui.dll [MD5.013CB5286ABB32259349AD858087068C] - [22/06/2016 01:30:06] - |A| - [600576] - C:\Windows\syswow64\PerfCenterCPL.dll [MD5.DC661CF87F2501A8B8D9628C006AA3BD] - [22/06/2016 01:29:39] - |A| - [157184] - C:\Windows\syswow64\perfmon.exe [MD5.AC3CBF448B118264E563E6B4E79EAC25] - [19/06/2016 19:24:02] - |A| - [1642062] - C:\Windows\syswow64\PerfStringBackup.INI [MD5.FB1BA42D1A1440E99C6B8667E141CFB1] - [22/06/2016 01:29:24] - |A| - [17408] - C:\Windows\syswow64\perfts.dll [MD5.0BA4982FE2C21D3D4A68B81FB25474D7] - [22/06/2016 01:30:07] - |A| - [413696] - C:\Windows\syswow64\PhotoScreensaver.scr [MD5.59079D4288FF7175758E838A489DD992] - [22/06/2016 01:30:05] - |A| - [295424] - C:\Windows\syswow64\photowiz.dll [MD5.E56C4703D0D9B476EF6195AD22C2ACC0] - [22/06/2016 01:29:06] - |A| - [35328] - C:\Windows\syswow64\pifmgr.dll [MD5.C06A8EB439D3451DF15828FF1CB7D0F8] - [22/06/2016 01:29:48] - |A| - [209920] - C:\Windows\syswow64\PkgMgr.exe [MD5.414BBA67A3DED1D28437EB66AEB8A720] - [22/06/2016 01:30:22] - |A| - [1508864] - C:\Windows\syswow64\pla.dll [MD5.2BCF9DD935DAE5A34BACE0F76DD0B581] - [22/06/2016 01:31:27] - |A| - [629760] - C:\Windows\syswow64\pmcsnap.dll [MD5.3D6F22551D422F97AACB0BB927E4C846] - [22/06/2016 01:30:23] - |A| - [1750528] - C:\Windows\syswow64\pnidui.dll [MD5.20104EA66332D24D7C65BBB087C56737] - [20/06/2016 23:23:53] - |A| - [123904] - C:\Windows\syswow64\poqexec.exe [MD5.E98278865E8DABA21CFE5FE4BE34210A] - [22/06/2016 01:30:43] - |A| - [547840] - C:\Windows\syswow64\PortableDeviceApi.dll [MD5.F7CF764F8155492EB50E4505A6DA8D87] - [22/06/2016 01:29:29] - |A| - [427520] - C:\Windows\syswow64\PortableDeviceStatus.dll [MD5.9D67B55896F679CD6C0FC7EAD0F4BDEA] - [22/06/2016 01:29:29] - |A| - [183296] - C:\Windows\syswow64\PortableDeviceSyncProvider.dll [MD5.D8868258E3F26B40ECB8E945C2DA8BD9] - [22/06/2016 01:29:29] - |A| - [142336] - C:\Windows\syswow64\powercfg.cpl [MD5.3925944734DFC5D2253F3DC5923F797D] - [22/06/2016 01:30:21] - |A| - [441856] - C:\Windows\syswow64\powercpl.dll [MD5.78403BDE1B60FDE8CB1F918DC52F8BA4] - [22/06/2016 01:31:22] - |A| - [238080] - C:\Windows\syswow64\ppcsnap.dll [MD5.6A08F1C87BBF6197F5DAD95CF41E5175] - [22/06/2016 01:31:19] - |A| - [295264] - C:\Windows\syswow64\PresentationHost.exe [MD5.A2AEEAB451AD341070F9B8F8E1A2EC28] - [22/06/2016 01:31:19] - |A| - [99176] - C:\Windows\syswow64\PresentationHostProxy.dll [MD5.E81591FCC19409E11F9A913728746391] - [22/06/2016 01:29:28] - |A| - [31232] - C:\Windows\syswow64\prevhost.exe [MD5.4856202475EFE0D66FA11EE1DCF6D0D3] - [22/06/2016 01:28:15] - |A| - [146389] - C:\Windows\syswow64\printmanagement.msc [MD5.9DF9B31EAC1669F244C02B61F10D123A] - [22/06/2016 01:30:24] - |A| - [932352] - C:\Windows\syswow64\printui.dll [MD5.50AF423CC8915B0010F0A96BF78672E9] - [22/06/2016 01:30:24] - |A| - [116736] - C:\Windows\syswow64\prncache.dll [MD5.C8333F1F77A1B2E25F2202E892CAF634] - [22/06/2016 01:30:05] - |A| - [395264] - C:\Windows\syswow64\prnfldr.dll [MD5.0FC7E6C8DFB1052F121638485A675761] - [22/06/2016 01:30:06] - |A| - [120320] - C:\Windows\syswow64\prntvpt.dll [MD5.12C45E3CB6D65F73209549E2D02ECA7A] - [22/06/2016 01:30:41] - |A| - [988160] - C:\Windows\syswow64\propsys.dll [MD5.2E77BAB79F078654782F83F0A0AEFE31] - [22/06/2016 01:30:21] - |A| - [28672] - C:\Windows\syswow64\proquota.exe [MD5.DBC02D918FFF1CAD628ACBE0C0EAA8E8] - [22/06/2016 01:29:53] - |A| - [165376] - C:\Windows\syswow64\provsvc.dll [MD5.71EAF975B87917ADCB26886482F6FB5B] - [22/06/2016 01:29:29] - |A| - [75776] - C:\Windows\syswow64\psisrndr.ax [MD5.909C11946AC04EA54A98C97792DC3C18] - [22/06/2016 01:30:07] - |A| - [324608] - C:\Windows\syswow64\puiobj.dll [MD5.D683E64BB0D3AE0FDEB5BCC4EC04FACE] - [22/06/2016 01:31:22] - |A| - [51200] - C:\Windows\syswow64\PushPrinterConnections.exe [MD5.02530B0B7E048DD5AC8D52DAEACAEB2B] - [22/06/2016 01:30:15] - |A| - [171520] - C:\Windows\syswow64\QAGENT.DLL [MD5.A54E92AE753D4BC63FE71F010F76EF04] - [22/06/2016 01:29:46] - |A| - [206848] - C:\Windows\syswow64\qasf.dll [MD5.CC5BF60E9D3F181C0B62AC91AD8634B8] - [22/06/2016 01:29:47] - |A| - [190976] - C:\Windows\syswow64\qcap.dll [MD5.925AE681543B4E666E172B5BD7E45B32] - [22/06/2016 01:29:29] - |A| - [71680] - C:\Windows\syswow64\QCLIPROV.DLL [MD5.92DF43A9CDD39C67F2B2D2F98799E086] - [22/06/2016 01:29:29] - |A| - [283136] - C:\Windows\syswow64\qdv.dll [MD5.643ADAF1444EAF895420EFA29FA95EBC] - [22/06/2016 01:30:06] - |A| - [514560] - C:\Windows\syswow64\qdvd.dll [MD5.44B13B356C737B628E73833B07CBBF72] - [22/06/2016 01:30:06] - |A| - [509440] - C:\Windows\syswow64\qedit.dll [MD5.34391196FE00480C9ADBFBE215B6B28C] - [22/06/2016 01:30:23] - |A| - [167936] - C:\Windows\syswow64\QSHVHOST.DLL [MD5.F65D14471F76F9C91315352932408939] - [22/06/2016 01:29:29] - |A| - [99328] - C:\Windows\syswow64\QSVRMGMT.DLL [MD5.B4D0D2F098C7A68385560DF4551551CA] - [22/06/2016 01:30:58] - |A| - [1328128] - C:\Windows\syswow64\quartz.dll [MD5.63B282FB2550893724647A359BA2323F] - [22/06/2016 01:30:52] - |A| - [1363456] - C:\Windows\syswow64\Query.dll [MD5.BD626EF05967D14C772B8096292731A3] - [22/06/2016 01:29:35] - |A| - [80896] - C:\Windows\syswow64\QUTIL.DLL [MD5.198366199A9F342EF87978D79308B49F] - [22/06/2016 01:31:13] - |A| - [1115136] - C:\Windows\syswow64\RacEngn.dll [MD5.C236A8735A48B165A2A7724357DBE332] - [22/06/2016 01:29:01] - |A| - [105559] - C:\Windows\syswow64\RacRules.xml [MD5.207CF171B1C6B8AE50C1FBF87363EEBC] - [22/06/2016 01:29:37] - |A| - [318976] - C:\Windows\syswow64\raschap.dll [MD5.67F9B5C7E215B48F9256757E9CC09A7B] - [22/06/2016 01:30:07] - |A| - [176640] - C:\Windows\syswow64\rasppp.dll [MD5.B2E1E4A16EDD02396F451F915FA3CBFA] - [22/06/2016 01:29:28] - |A| - [69632] - C:\Windows\syswow64\rastapi.dll [MD5.6944501ED659F2C835F8DD16182C9330] - [22/06/2016 01:30:09] - |A| - [372224] - C:\Windows\syswow64\rastls.dll [MD5.3C6882FD49949CDC9C4B19BE910ED8F8] - [22/06/2016 01:30:22] - |A| - [826368] - C:\Windows\syswow64\rdpcore.dll [MD5.D0C94D78DC8652153F020F5B6ACED36F] - [22/06/2016 01:29:29] - |A| - [52224] - C:\Windows\syswow64\rdpd3d.dll [MD5.9D30A820EAB9C146BB59557CA0236875] - [22/06/2016 01:29:40] - |A| - [186368] - C:\Windows\syswow64\rdpencom.dll [MD5.B85B7368F6EC16CE2DF2A87E7EE20F0B] - [22/06/2016 01:30:41] - |A| - [140800] - C:\Windows\syswow64\rdpendp.dll [MD5.6C796F88B7D9BF52A45757E2C837185A] - [22/06/2016 01:29:28] - |A| - [21504] - C:\Windows\syswow64\rdprefdrvapi.dll [MD5.6F786FAFD4C5E80D68AF3174B1CD0CF7] - [22/06/2016 01:31:12] - |A| - [79232] - C:\Windows\syswow64\rdvgumd32.dll [MD5.3CC04CB09FAFAD87942437FDDEE11EE3] - [22/06/2016 01:29:53] - |A| - [247808] - C:\Windows\syswow64\ReAgent.dll [MD5.2BF84985DE59544A0460BB33F804DA3A] - [22/06/2016 01:29:28] - |A| - [22016] - C:\Windows\syswow64\ReAgentc.exe [MD5.2607A85B6466C0110EA8ABB9D8CC83FC] - [22/06/2016 01:30:21] - |A| - [72192] - C:\Windows\syswow64\regapi.dll [MD5.0F75B8C47003F47B7358C7840FA3883C] - [22/06/2016 01:29:32] - |A| - [83968] - C:\Windows\syswow64\RegisterIEPKEYs.exe [MD5.79C626237AD93981BDF72606DD543CEE] - [22/06/2016 01:29:28] - |A| - [37888] - C:\Windows\syswow64\relog.exe [MD5.292F2FA57EB9B773DA1C15AFCC4A4F90] - [22/06/2016 01:29:39] - |A| - [146944] - C:\Windows\syswow64\remotepg.dll [MD5.2AF094C822BD6094F14A8E85FB51D52A] - [22/06/2016 01:29:28] - |A| - [71168] - C:\Windows\syswow64\resutils.dll [MD5.831319977C168FFCF4E9ABB83A992F80] - [22/06/2016 01:29:29] - |A| - [220672] - C:\Windows\syswow64\Ribbons.scr [MD5.102CF6879887BBE846A00C459E6D4ABC] - [22/06/2016 01:29:53] - |A| - [473600] - C:\Windows\syswow64\riched20.dll [MD5.B5506B451BFE7148ECA7056BDA2970BD] - [22/06/2016 01:29:23] - |A| - [8704] - C:\Windows\syswow64\riched32.dll [MD5.23FBEA5DCE05E2A848483A9AB6256E9E] - [22/06/2016 01:31:22] - |A| - [322048] - C:\Windows\syswow64\RMActivate.exe [MD5.49E29F981428DA9FA5FC264E0A7C8935] - [22/06/2016 01:31:23] - |A| - [327168] - C:\Windows\syswow64\RMActivate_isv.exe [MD5.B2120B16B3E221B4D3342E87867A5163] - [22/06/2016 01:29:28] - |A| - [280064] - C:\Windows\syswow64\RMActivate_ssp.exe [MD5.199D8ECB6748B2B866CBA52A8D092034] - [22/06/2016 01:29:28] - |A| - [278016] - C:\Windows\syswow64\RMActivate_ssp_isv.exe [MD5.39B9273CA01364E115B464416CFB729B] - [22/06/2016 01:30:09] - |A| - [98816] - C:\Windows\syswow64\Robocopy.exe [MD5.A2718532AFF3B0F9C73D3034A1511F50] - [22/06/2016 01:30:24] - |A| - [139264] - C:\Windows\syswow64\rpchttp.dll [MD5.C5AD8083CF94201F1F8084ECC696A8B7] - [22/06/2016 01:29:42] - |A| - [663040] - C:\Windows\syswow64\rpcrt4.dll [MD5.5997D769CDB108390DCFAEBF442BF816] - [22/06/2016 01:30:09] - |A| - [46080] - C:\Windows\syswow64\RpcRtRemote.dll [MD5.00000000000000000000000000000000] - [19/06/2016 19:28:48] - |D| - [5461264] - C:\Windows\syswow64\RTCOM [MD5.0915C4DB6DBC3BB9E11B7ECBBE4B7159] - [22/06/2016 01:29:58] - |A| - [37376] - C:\Windows\syswow64\rtutils.dll [MD5.D44741F65A1D71F65814A12CF6E2400A] - [22/06/2016 01:29:34] - |A| - [50688] - C:\Windows\syswow64\runonce.exe [MD5.68ECCA523ED760AAFC03C5D587569859] - [22/06/2016 01:30:21] - |A| - [51200] - C:\Windows\syswow64\samcli.dll [MD5.074341EEDA7A8564C22B7F76008A3CA0] - [22/06/2016 01:30:21] - |A| - [850432] - C:\Windows\syswow64\sbe.dll [MD5.3E63222185341DCB8EEEDB8E2761EE6F] - [22/06/2016 01:30:24] - |A| - [246272] - C:\Windows\syswow64\scansetting.dll [MD5.8124944EC89D6A1815E4E53F5B96AAF4] - [22/06/2016 01:30:06] - |A| - [175616] - C:\Windows\syswow64\scecli.dll [MD5.250AA41DE690561AF1282D598914564C] - [22/06/2016 01:30:09] - |A| - [307712] - C:\Windows\syswow64\scesrv.dll [MD5.135F7AC9BE35AB1DF727FAF2E60E92F8] - [22/06/2016 01:30:52] - |A| - [224256] - C:\Windows\syswow64\schannel.dll [MD5.A42E7748BE906434C5FD17161D168C20] - [22/06/2016 01:29:23] - |A| - [17408] - C:\Windows\syswow64\schedcli.dll [MD5.2003E9B15E1C502B146DAD2E383AC1E3] - [22/06/2016 01:30:21] - |A| - [179712] - C:\Windows\syswow64\schtasks.exe [MD5.342E7165807B7C0BC9E810F3A9E2527E] - [22/06/2016 01:30:23] - |A| - [464896] - C:\Windows\syswow64\scrptadm.dll [MD5.6581B52E133CC6D00661C58968C7E212] - [22/06/2016 01:31:10] - |A| - [646144] - C:\Windows\syswow64\SearchFolder.dll [MD5.716A8BB33CE8EA28D57FC3050D8C027F] - [22/06/2016 01:31:23] - |A| - [428032] - C:\Windows\syswow64\secproc.dll [MD5.B5842E6BCD0CFDCA40795EEB33042E4E] - [22/06/2016 01:31:23] - |A| - [423936] - C:\Windows\syswow64\secproc_isv.dll [MD5.CACE16598662D697169B3B1EF2FA4549] - [22/06/2016 01:29:28] - |A| - [85504] - C:\Windows\syswow64\secproc_ssp.dll [MD5.2BC3BA232E46F310BEDF9A14260AD650] - [22/06/2016 01:29:28] - |A| - [85504] - C:\Windows\syswow64\secproc_ssp_isv.dll [MD5.A8CE0C7F1D37E0B8082608A148B6B976] - [22/06/2016 01:29:28] - |A| - [22016] - C:\Windows\syswow64\secur32.dll [MD5.E8CB091A918C1C687B087389D9A66B39] - [22/06/2016 01:30:07] - |A| - [2202624] - C:\Windows\syswow64\SensorsCpl.dll [MD5.4AE380F39A0032EAB7DD953030B26D28] - [22/06/2016 01:30:45] - |A| - [113664] - C:\Windows\syswow64\SessEnv.dll [MD5.8C545F6F1BA83C15B8B02EE4AA62FF11] - [22/06/2016 01:29:53] - |A| - [270336] - C:\Windows\syswow64\sethc.exe [MD5.10FB16B50AFFDA6D44588F3C445DC273] - [22/06/2016 01:30:55] - |A| - [1667584] - C:\Windows\syswow64\setupapi.dll [MD5.3F5A4F3A11EAA28DCD5C85C06C09D853] - [22/06/2016 01:29:28] - |A| - [115712] - C:\Windows\syswow64\setupcln.dll [MD5.824E84AC88AC9F82D772960657E094D1] - [22/06/2016 01:29:46] - |A| - [113152] - C:\Windows\syswow64\setupugc.exe [MD5.FDDC4D6EC3B2BD3B5A04C22881305621] - [19/06/2016 19:28:19] - |A| - [74064] - C:\Windows\syswow64\SFCOM.dll [MD5.F14A9B1778376D0B1788E402AC1F831A] - [22/06/2016 01:29:29] - |A| - [108032] - C:\Windows\syswow64\shacct.dll [MD5.BE247AE996A9FDE007A27B51413A6C79] - [22/06/2016 01:29:47] - |A| - [179712] - C:\Windows\syswow64\shdocvw.dll [MD5.16AB4BD2ACC52109F43739BF0E89E18F] - [22/06/2016 01:31:23] - |A| - [12872192] - C:\Windows\syswow64\shell32.dll [MD5.CFD8B8537036CF35F6254192997A4D8E] - [22/06/2016 01:29:23] - |A| - [20992] - C:\Windows\syswow64\shgina.dll [MD5.FAA05DD44E5DF264AEBE3F03BA4211BB] - [22/06/2016 01:29:28] - |A| - [35840] - C:\Windows\syswow64\shimgvw.dll [MD5.8CC3C111D653E96F3EA1590891491D71] - [22/06/2016 01:30:43] - |A| - [350208] - C:\Windows\syswow64\shlwapi.dll [MD5.5E6E37DC2EFE39EC146271E22A16844F] - [22/06/2016 01:30:07] - |A| - [111104] - C:\Windows\syswow64\shsetup.dll [MD5.414DA952A35BF5D50192E28263B40577] - [22/06/2016 01:30:21] - |A| - [328192] - C:\Windows\syswow64\shsvcs.dll [MD5.0A8E209F3C1D1FB6889465D1019CC5BF] - [22/06/2016 01:29:22] - |A| - [10752] - C:\Windows\syswow64\shunimpl.dll [MD5.E9B7D9BBD3E78E7DD053A5108B7649AC] - [22/06/2016 01:30:05] - |A| - [428544] - C:\Windows\syswow64\shwebsvc.dll [MD5.F44CCA639625EC735667BD8B8E523A33] - [22/06/2016 01:30:05] - |A| - [19456] - C:\Windows\syswow64\sisbkup.dll [MD5.19F75D71E4256F5113D64CE2BB66B838] - [22/06/2016 01:29:45] - |A| - [14336] - C:\Windows\syswow64\slwga.dll [MD5.05BF975CA428E04B462FB90841B37C95] - [22/06/2016 01:29:57] - |A| - [152064] - C:\Windows\syswow64\SmartcardCredentialProvider.dll [MD5.2305BFF2966D73694972FD7531BC5BAA] - [22/06/2016 01:30:06] - |A| - [314368] - C:\Windows\syswow64\SndVol.exe [MD5.2CFA4569350B7F84F815E9EC34E85766] - [22/06/2016 01:30:06] - |A| - [220160] - C:\Windows\syswow64\SndVolSSO.dll [MD5.BC080CEA43CB990F28B049742706581F] - [22/06/2016 01:29:28] - |A| - [61952] - C:\Windows\syswow64\spbcd.dll [MD5.3C519BC7767F41F1C88DB0395F31A817] - [22/06/2016 01:29:28] - |A| - [19968] - C:\Windows\syswow64\spopk.dll [MD5.971A36C4827AD1AE2A54E6407478921A] - [22/06/2016 01:30:40] - |A| - [172544] - C:\Windows\syswow64\spp.dll [MD5.8E4B58E12B3FA65ED1462846906E0B59] - [22/06/2016 01:29:28] - |A| - [121344] - C:\Windows\syswow64\sppc.dll [MD5.E3AE23569749DE12D45BA3B489A036AE] - [22/06/2016 01:30:07] - |A| - [193536] - C:\Windows\syswow64\sppcomapi.dll [MD5.5A220C5CFC74AB3C2517D1F1B670D5D3] - [22/06/2016 01:29:29] - |A| - [100864] - C:\Windows\syswow64\sppinst.dll [MD5.1EB40CEBF58C2983497A77442B99B2D0] - [22/06/2016 01:30:06] - |A| - [352768] - C:\Windows\syswow64\spwizeng.dll [MD5.3F0BB313E64983FF701D43C930530AC7] - [22/06/2016 01:29:06] - |A| - [7680] - C:\Windows\syswow64\spwizres.dll [MD5.0A4A970D997125C7E8A06D72C20369FB] - [22/06/2016 01:29:23] - |A| - [8192] - C:\Windows\syswow64\spwmp.dll [MD5.13CDD3FF0961A2EC6D9829A1640DD6DC] - [22/06/2016 01:29:29] - |A| - [309760] - C:\Windows\syswow64\sqlcese30.dll [MD5.4470B0943469C4AF5B114E420DCB1AEF] - [22/06/2016 01:30:39] - |A| - [778240] - C:\Windows\syswow64\sqlsrv32.dll [MD5.CE292C4C10B8DB6070F262EA2733F0DC] - [22/06/2016 01:29:29] - |A| - [189952] - C:\Windows\syswow64\sqmapi.dll [MD5.674B0C0F6A448EB185CAAB9C51D44032] - [22/06/2016 01:30:21] - |A| - [301568] - C:\Windows\syswow64\srchadmin.dll [MD5.5CCDCD40E732D54E0F7451AC66AC1C87] - [22/06/2016 01:29:29] - |A| - [90112] - C:\Windows\syswow64\srvcli.dll [MD5.89E783711AF91AF09E1EF30EF3107446] - [22/06/2016 01:29:23] - |A| - [9728] - C:\Windows\syswow64\sscore.dll [MD5.7224D964A6D657374C551C878EB2C386] - [22/06/2016 01:29:29] - |A| - [96768] - C:\Windows\syswow64\sspicli.dll [MD5.AD6DB3F85D329ABA90EAF7B2D8A2EEA9] - [22/06/2016 01:29:45] - |A| - [293888] - C:\Windows\syswow64\ssText3d.scr [MD5.912649A1B3F9E6ACB3899FBDABA2ED5F] - [22/06/2016 01:30:29] - |A| - [228352] - C:\Windows\syswow64\stobject.dll [MD5.6A1E8DEB746912DF47CF651E138401D7] - [22/06/2016 01:30:09] - |A| - [363520] - C:\Windows\syswow64\StructuredQuery.dll [MD5.F1E9A22C1D4F5D3AC7BA555D4E95329C] - [22/06/2016 01:30:05] - |A| - [755200] - C:\Windows\syswow64\sud.dll [MD5.919001D2BB17DF06CA3F8AC16AD039F6] - [22/06/2016 01:30:34] - |A| - [380416] - C:\Windows\syswow64\sxs.dll [MD5.2DDEA2C345DA5BC589EFD398F220DB0E] - [22/06/2016 01:30:23] - |A| - [2146304] - C:\Windows\syswow64\SyncCenter.dll [MD5.20A20A911CD79A6F6839167149A05668] - [22/06/2016 01:30:04] - |A| - [159232] - C:\Windows\syswow64\syncui.dll [MD5.BEFF01C9F044BA2AD7F5FB837972FC90] - [22/06/2016 01:30:06] - |A| - [326656] - C:\Windows\syswow64\sysdm.cpl [MD5.E82CEFE0D2F98651D556E2437163486B] - [22/06/2016 01:30:05] - |A| - [389632] - C:\Windows\syswow64\sysmon.ocx [MD5.56D80B7E622338AF0F93B25A85D97188] - [22/06/2016 01:29:28] - |A| - [14848] - C:\Windows\syswow64\syssetup.dll [MD5.4AC64014668BB2B4834A66B73406AB63] - [22/06/2016 01:29:57] - |A| - [410624] - C:\Windows\syswow64\systemcpl.dll [MD5.6B140B1382F1FE04BA57B196AEB19725] - [22/06/2016 01:30:23] - |A| - [109056] - C:\Windows\syswow64\t2embed.dll [MD5.8007508CEF6A5B10C24F7971DAF00F09] - [22/06/2016 01:29:29] - |A| - [51200] - C:\Windows\syswow64\takeown.exe [MD5.613BF4820361543956909043A265C6AC] - [22/06/2016 01:30:06] - |A| - [242176] - C:\Windows\syswow64\tapisrv.dll [MD5.1C3E8371377E988B683797A132EFFE1B] - [22/06/2016 01:30:39] - |A| - [305152] - C:\Windows\syswow64\taskcomp.dll [MD5.4F2659160AFCCA990305816946F69407] - [22/06/2016 01:30:40] - |A| - [192000] - C:\Windows\syswow64\taskeng.exe [MD5.545BF7EAA24A9E062857D0742EC0B28A] - [22/06/2016 01:30:08] - |A| - [227328] - C:\Windows\syswow64\taskmgr.exe [MD5.544EFF88AC6C85DF5A4D6F18DFE08CFC] - [22/06/2016 01:31:10] - |A| - [505856] - C:\Windows\syswow64\taskschd.dll [MD5.C059C6B7518A9D6DE3616A3143392FE6] - [22/06/2016 01:28:15] - |A| - [1041] - C:\Windows\syswow64\tcpbidi.xml [MD5.CAFC0B884E5590B5E80D84F592388B3D] - [22/06/2016 01:30:21] - |A| - [181760] - C:\Windows\syswow64\tcpipcfg.dll [MD5.4AA222561FEACF1DD52813D46180FD52] - [22/06/2016 01:30:59] - |A| - [61440] - C:\Windows\syswow64\tcpmonui.dll [MD5.9FC4D46F7BCAD9EE8517171195917776] - [22/06/2016 01:30:07] - |A| - [352768] - C:\Windows\syswow64\termmgr.dll [MD5.64B628C5258625129288F2D0C75268DA] - [22/06/2016 01:30:07] - |A| - [2157568] - C:\Windows\syswow64\themecpl.dll [MD5.5992A9DF57FD5E6960FDCC2DB69867F7] - [22/06/2016 01:30:40] - |A| - [2755072] - C:\Windows\syswow64\themeui.dll [MD5.672D7C5080ACB003343006405DA2E621] - [22/06/2016 01:30:21] - |A| - [82944] - C:\Windows\syswow64\thumbcache.dll [MD5.83C9840CF87A0CA55526327801716D27] - [22/06/2016 01:30:15] - |A| - [478720] - C:\Windows\syswow64\timedate.cpl [MD5.E460AFD3A201408919ADB05977095E8D] - [22/06/2016 01:29:28] - |A| - [69632] - C:\Windows\syswow64\tlscsp.dll [MD5.3CD99E5B2487A4018AACBCEB19EE65D0] - [22/06/2016 01:31:14] - |A| - [1548288] - C:\Windows\syswow64\tquery.dll [MD5.543324F86787BFA31AABBAA7A91D08D0] - [22/06/2016 01:29:24] - |A| - [21504] - C:\Windows\syswow64\TRAPI.dll [MD5.665AAD05AEE9E37A7A9BAEDCAC775989] - [22/06/2016 01:29:28] - |A| - [12288] - C:\Windows\syswow64\tsbyuv.dll [MD5.C555046481601ED19920F2D3E76B8A36] - [22/06/2016 01:29:29] - |A| - [36864] - C:\Windows\syswow64\tsgqec.dll [MD5.8DCB990113DEF9255445B17D7F6DA64A] - [22/06/2016 01:30:56] - |A| - [270848] - C:\Windows\syswow64\tsmf.dll [MD5.D29E45078CF4020CE0AAC82EC652D1EA] - [22/06/2016 01:29:40] - |A| - [65024] - C:\Windows\syswow64\TSpkg.dll [MD5.BD2978E85EF0007A89F7BB1367C007DD] - [22/06/2016 01:30:58] - |A| - [597504] - C:\Windows\syswow64\TSWorkspace.dll [MD5.C9708C9F3DBA3DBFB1D2FEE1E9DABAD0] - [22/06/2016 01:29:48] - |A| - [146432] - C:\Windows\syswow64\twext.dll [MD5.48C566013F2B20F0BABCAD98079EEC05] - [22/06/2016 01:29:06] - |A| - [2048] - C:\Windows\syswow64\tzres.dll [MD5.8DDD47810EE260744BEAA82EFA2DB9BB] - [22/06/2016 01:29:52] - |A| - [47616] - C:\Windows\syswow64\tzutil.exe [MD5.B85B0267A743607052263447E6091E8C] - [22/06/2016 01:30:34] - |A| - [2983424] - C:\Windows\syswow64\UIRibbon.dll [MD5.86B9E27CDB040DE1C981BEC2A56326A7] - [22/06/2016 01:29:28] - |A| - [1164800] - C:\Windows\syswow64\UIRibbonRes.dll [MD5.377F0C1DDBFA6A43CB7E7568BC0ECED0] - [22/06/2016 01:29:48] - |A| - [281088] - C:\Windows\syswow64\unimdm.tsp [MD5.53CA6BF58658815FCB472205291DD953] - [22/06/2016 01:29:29] - |A| - [59392] - C:\Windows\syswow64\unimdmat.dll [MD5.2C098921217204301D76BF3BD5D953BB] - [22/06/2016 01:29:28] - |A| - [34304] - C:\Windows\syswow64\unlodctr.exe [MD5.82E7ECE9096EEACB2EAC5644FE19A6F2] - [22/06/2016 01:30:09] - |A| - [346624] - C:\Windows\syswow64\untfs.dll [MD5.954EA9B34F155C844B11F4047A8F6F89] - [22/06/2016 01:30:52] - |A| - [206848] - C:\Windows\syswow64\upnp.dll [MD5.EBB431C6332107651CD2E2715A707994] - [22/06/2016 01:31:11] - |A| - [1229824] - C:\Windows\syswow64\urlmon.dll [MD5.5E0DB2D8B2750543CD2EBB9EA8E6CDD3] - [22/06/2016 01:30:41] - |A| - [833024] - C:\Windows\syswow64\user32.dll [MD5.ACA1F50844E08F3F5178E8FF3F21FBC2] - [22/06/2016 01:29:35] - |A| - [78848] - C:\Windows\syswow64\UserAccountControlSettings.dll [MD5.D83841B6EE406B58461ACE8A6308AA2D] - [22/06/2016 01:30:06] - |A| - [600064] - C:\Windows\syswow64\usercpl.dll [MD5.D15618A0FF8DBC2C5BF3726BACC75A0B] - [22/06/2016 01:30:42] - |A| - [81920] - C:\Windows\syswow64\userenv.dll [MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [22/06/2016 01:30:07] - |A| - [26624] - C:\Windows\syswow64\userinit.exe [MD5.804AAAFEBB3AD5F49334DD906BCB1DE5] - [22/06/2016 01:30:43] - |A| - [626176] - C:\Windows\syswow64\usp10.dll [MD5.D25958B2A71EF488959272878EF934BE] - [22/06/2016 01:29:29] - |A| - [31744] - C:\Windows\syswow64\utildll.dll [MD5.FD4C4F9EC7D6D23E282F9375B4029AE5] - [22/06/2016 01:29:45] - |A| - [118784] - C:\Windows\syswow64\uxlib.dll [MD5.370349F79315D4DB86CD992CACEFEE61] - [22/06/2016 01:30:06] - |A| - [638976] - C:\Windows\syswow64\VAN.dll [MD5.669E18322F05A14356E8F6DA16D15DA0] - [22/06/2016 01:30:09] - |A| - [933376] - C:\Windows\syswow64\Vault.dll [MD5.4D6262D5CFFA7D932126D2B85C373F87] - [22/06/2016 01:29:29] - |A| - [153600] - C:\Windows\syswow64\VBICodec.ax [MD5.373A87DBFD387DDC54375F547834FBBD] - [22/06/2016 01:29:28] - |A| - [33792] - C:\Windows\syswow64\vbisurf.ax [MD5.B6C47E0FB844FDB75A8DAE5A6487CB8F] - [22/06/2016 01:29:53] - |A| - [427520] - C:\Windows\syswow64\vbscript.dll [MD5.CF3CD3F466D84C9E2F66490D9578A563] - [22/06/2016 01:29:34] - |A| - [160256] - C:\Windows\syswow64\vdsbas.dll [MD5.24498D084FAA7A459C91066EC241E1CE] - [22/06/2016 01:29:28] - |A| - [56832] - C:\Windows\syswow64\vfwwdm32.dll [MD5.5845B1C54380FB980F68024B3A8B1E66] - [22/06/2016 01:29:35] - |A| - [25600] - C:\Windows\syswow64\vpnikeapi.dll [MD5.13337A3FB17F2242487FD45488ED0485] - [22/06/2016 01:31:10] - |A| - [1128448] - C:\Windows\syswow64\vssapi.dll [MD5.23EEB7034F3F7AA8554D9093B7EB319A] - [19/06/2016 21:22:12] - |A| - [129824] - C:\Windows\syswow64\vulkan-1.dll [MD5.B1F9C56E5F3C20FEF261E2510221F6E4] - [19/06/2016 21:22:12] - |A| - [40224] - C:\Windows\syswow64\vulkaninfo.exe [MD5.96FE583424174CF7926250ED16C4EA01] - [22/06/2016 01:30:06] - |A| - [66048] - C:\Windows\syswow64\w32tm.exe [MD5.2097D9A13CDB88213612E3E8479185F5] - [22/06/2016 01:29:53] - |A| - [222208] - C:\Windows\syswow64\wavemsp.dll [MD5.704314FD398C81D5F342CAA5DF7B7F21] - [22/06/2016 01:21:01] - |A| - [363008] - C:\Windows\syswow64\wbemcomn.dll [MD5.34EEE0DFAADB4F691D6D5308A51315DC] - [22/06/2016 01:30:21] - |A| - [276992] - C:\Windows\syswow64\wcncsvc.dll [MD5.8BCF1DCE05F4494C8891F33EEA450D0A] - [22/06/2016 01:30:09] - |A| - [1227776] - C:\Windows\syswow64\wdc.dll [MD5.D205C24A9D069049FE2DF2A1B38726A7] - [22/06/2016 01:29:53] - |A| - [172032] - C:\Windows\syswow64\wdmaud.drv [MD5.A399514D3B28C9A3453A486BBAAFF1C7] - [22/06/2016 01:28:40] - |A| - [189952] - C:\Windows\syswow64\wdscore.dll [MD5.A4EE3D80E31D5A3CA8EBE6A67A06CEC0] - [22/06/2016 01:29:47] - |A| - [229376] - C:\Windows\syswow64\webcheck.dll [MD5.A9D880F97530D5B8FEE278923349929D] - [22/06/2016 01:30:42] - |A| - [204800] - C:\Windows\syswow64\WebClnt.dll [MD5.02C61D8AD469417F5508225C75DE3236] - [22/06/2016 01:30:52] - |A| - [314880] - C:\Windows\syswow64\webio.dll [MD5.DB846EECA70EE9D2E2FF31147C57B0F4] - [22/06/2016 01:30:23] - |A| - [782336] - C:\Windows\syswow64\webservices.dll [MD5.590D5C506044FE02FF7643E32FF9BDAC] - [22/06/2016 01:31:03] - |A| - [381440] - C:\Windows\syswow64\wer.dll [MD5.4DAD175C07B982A1518FE64FDBB7071A] - [22/06/2016 01:29:28] - |A| - [28672] - C:\Windows\syswow64\WerFaultSecure.exe [MD5.4D7B1415719FFCC700118318D86FD7EC] - [22/06/2016 01:30:07] - |A| - [416768] - C:\Windows\syswow64\wiadefui.dll [MD5.AF2E7640E72F005DDB86158E1F8BA1FC] - [22/06/2016 01:29:29] - |A| - [109568] - C:\Windows\syswow64\wiavideo.dll [MD5.861A80C7DCA93A95327463D7F8C9CE64] - [22/06/2016 01:29:52] - |A| - [406528] - C:\Windows\syswow64\wimgapi.dll [MD5.F6FD7F8147A591317E57D9008C8C7541] - [22/06/2016 01:29:40] - |A| - [327680] - C:\Windows\syswow64\wimserv.exe [MD5.536E06B5A05C6E39C8748E3941FB083D] - [22/06/2016 01:30:41] - |A| - [492032] - C:\Windows\syswow64\win32spl.dll [MD5.1DB71A41DAEE6B3F8CD0DDA8209FA2D5] - [22/06/2016 01:30:52] - |A| - [1010688] - C:\Windows\syswow64\WindowsCodecs.dll [MD5.CA9F7888B524D8100B977C81F44C3234] - [22/06/2016 01:30:55] - |A| - [351232] - C:\Windows\syswow64\winhttp.dll [MD5.44214C94911C7CFB1D52CB64D5E8368D] - [22/06/2016 01:31:12] - |A| - [980992] - C:\Windows\syswow64\wininet.dll [MD5.D5AEFAD57C08349A4393D987DF7C715D] - [22/06/2016 01:30:21] - |A| - [194048] - C:\Windows\syswow64\winmm.dll [MD5.81C0FA250EF6DC1C6B3FA2BCE81D6C2E] - [22/06/2016 01:30:39] - |A| - [335872] - C:\Windows\syswow64\WinSATAPI.dll [MD5.9419ABF3163B6F0E3AD3DD2B381C879F] - [22/06/2016 01:30:22] - |A| - [134656] - C:\Windows\syswow64\WinSCard.dll [MD5.9E4B0E7472B4CEBA9E17F440B8CB0AB8] - [22/06/2016 01:30:22] - |A| - [320000] - C:\Windows\syswow64\winspool.drv [MD5.418E881201583A3039D81F43E39E6C78] - [22/06/2016 01:30:22] - |A| - [156672] - C:\Windows\syswow64\winsta.dll [MD5.2D0D2DA87BEA7144F2A17F19D0D17E4C] - [22/06/2016 01:30:40] - |A| - [172032] - C:\Windows\syswow64\wintrust.dll [MD5.E5A4A1326A02F8E7B59E6C3270CE7202] - [22/06/2016 01:29:28] - |A| - [47104] - C:\Windows\syswow64\wkscli.dll [MD5.F99A4D145C862CBAD61B409C0AB0CD65] - [22/06/2016 01:30:23] - |A| - [411648] - C:\Windows\syswow64\wlangpui.dll [MD5.3C9035085141162416A0DD34DBF3F3C1] - [22/06/2016 01:29:53] - |A| - [428032] - C:\Windows\syswow64\wlanmsm.dll [MD5.CC88EF08712C08C5F5FE74A395BA25AC] - [22/06/2016 01:30:09] - |A| - [1326592] - C:\Windows\syswow64\wlanpref.dll [MD5.A882CD13F68656CFD657E6639D3D3E17] - [22/06/2016 01:30:06] - |A| - [410112] - C:\Windows\syswow64\wlanui.dll [MD5.A8BB45F9ECAD993461E0FEF8E2A99152] - [22/06/2016 01:30:41] - |A| - [269824] - C:\Windows\syswow64\Wldap32.dll [MD5.FF3C5379DE4FD18498C255D096FED3F5] - [22/06/2016 01:29:29] - |A| - [902656] - C:\Windows\syswow64\WMADMOD.DLL [MD5.5CF15474FFDB5005E54958DF6EDD97AB] - [22/06/2016 01:29:29] - |A| - [507392] - C:\Windows\syswow64\wmdrmdev.dll [MD5.41A2EEB3FC7C4677787C612478DBD69A] - [22/06/2016 01:29:29] - |A| - [436736] - C:\Windows\syswow64\wmdrmnet.dll [MD5.394117608EB031E622D4812E67746F09] - [22/06/2016 01:29:43] - |A| - [616960] - C:\Windows\syswow64\wmdrmsdk.dll [MD5.12C1BBE5B01F554DC2FA3225131E2D2B] - [22/06/2016 01:30:09] - |A| - [1003008] - C:\Windows\syswow64\WMNetMgr.dll [MD5.1957D49A9613FAAD1C73B508CCE02AA5] - [22/06/2016 01:31:20] - |A| - [11410432] - C:\Windows\syswow64\wmp.dll [MD5.F645EF77ED0735B927E9804E28855E17] - [22/06/2016 01:29:35] - |A| - [299520] - C:\Windows\syswow64\wmpdxm.dll [MD5.3B91EA6DC3AE6088C880AB9073A833C2] - [22/06/2016 01:30:24] - |A| - [352256] - C:\Windows\syswow64\wmpeffects.dll [MD5.80C5342074711F098A00F71FFF262B3B] - [22/06/2016 01:30:21] - |A| - [1624064] - C:\Windows\syswow64\WMPEncEn.dll [MD5.EF64A97756128630A40B41C3B2567259] - [22/06/2016 01:29:29] - |A| - [318464] - C:\Windows\syswow64\WMPhoto.dll [MD5.0FBC74AA20FE0AE6884279F893169C60] - [22/06/2016 01:29:21] - |A| - [12625408] - C:\Windows\syswow64\wmploc.DLL [MD5.7B97346CE563B74BBCC120FC83E5A6D9] - [22/06/2016 01:29:58] - |A| - [738816] - C:\Windows\syswow64\wmpmde.dll [MD5.3F2B83695E5BF11930C16AF50E991F96] - [22/06/2016 01:29:28] - |A| - [144384] - C:\Windows\syswow64\wmpps.dll [MD5.E9C7D94D71857409BF741F1B7561D0E6] - [22/06/2016 01:29:29] - |A| - [105472] - C:\Windows\syswow64\wmpshell.dll [MD5.B86FB49A715157C49E2C7205E1817012] - [22/06/2016 01:29:53] - |A| - [182272] - C:\Windows\syswow64\wmpsrcwp.dll [MD5.65B76F79BA94CF8837D556D4C9067773] - [22/06/2016 01:29:28] - |A| - [739328] - C:\Windows\syswow64\WMSPDMOD.DLL [MD5.0F416E23DD2EB4DEBE70608020CFD283] - [22/06/2016 01:30:23] - |A| - [2504192] - C:\Windows\syswow64\WMVCORE.DLL [MD5.402D0425A26A0660BC1299A5854A4785] - [22/06/2016 01:30:52] - |A| - [1619456] - C:\Windows\syswow64\WMVDECOD.DLL [MD5.9E44D3D2D1D2DA5ED565D471E350F1CD] - [22/06/2016 01:29:29] - |A| - [541184] - C:\Windows\syswow64\WMVSDECD.DLL [MD5.181F69BC9C406B7FB5C0ADE8031630AC] - [22/06/2016 01:30:23] - |A| - [2311168] - C:\Windows\syswow64\wpdshext.dll [MD5.735263DA17BF5BAF9CCD483843BF9D5A] - [22/06/2016 01:29:42] - |A| - [105984] - C:\Windows\syswow64\WPDShServiceObj.dll [MD5.7DF45A1E1A4AAFDEEFF2CA8F8200F37B] - [22/06/2016 01:29:29] - |A| - [350720] - C:\Windows\syswow64\WPDSp.dll [MD5.CA63BC9F834A42DAA8375FAC76B5CE83] - [22/06/2016 01:29:34] - |A| - [198144] - C:\Windows\syswow64\wpdwcn.dll [MD5.7FF15A4F092CD4A96055BA69F903E3E9] - [22/06/2016 01:30:33] - |A| - [206848] - C:\Windows\syswow64\ws2_32.dll [MD5.A8CDF3768604FF95B54669E20053D569] - [22/06/2016 01:30:23] - |A| - [51712] - C:\Windows\syswow64\wscapi.dll [MD5.73F6C5223F7E9B5780DD4A6C30FCF569] - [22/06/2016 01:30:24] - |A| - [458752] - C:\Windows\syswow64\WSDApi.dll [MD5.AAF7BEB63E2CC499834B608A85A55E4E] - [22/06/2016 01:29:23] - |A| - [21504] - C:\Windows\syswow64\wsdchngr.dll [MD5.AC122407B29378FF9646F03404AC7C54] - [22/06/2016 01:29:23] - |A| - [36352] - C:\Windows\syswow64\wshbth.dll [MD5.21CE1E98A17FD46BE371719DFD046958] - [22/06/2016 01:29:23] - |A| - [11264] - C:\Windows\syswow64\wshirda.dll [MD5.1B91CD34EA3A90AB6A4EF0550174F4CC] - [22/06/2016 01:30:52] - |A| - [1175040] - C:\Windows\syswow64\WsmSvc.dll [MD5.6357E2B68753A1F5CF4A68A25C4FD14A] - [22/06/2016 01:29:28] - |A| - [51712] - C:\Windows\syswow64\wsnmp32.dll [MD5.A912933C92B9C4C70E9039C0B597AE4E] - [22/06/2016 01:29:58] - |A| - [68608] - C:\Windows\syswow64\WSTPager.ax [MD5.6A6B2EE4565A178035BE2A4FF6F2C968] - [22/06/2016 01:29:52] - |A| - [40448] - C:\Windows\syswow64\wtsapi32.dll [MD5.7D4DC95A1F5E0818E74A399960569EA1] - [22/06/2016 01:30:23] - |A| - [560128] - C:\Windows\syswow64\wuapi.dll [MD5.F419D738BD2AE58D9DF2F9FEB5F43842] - [22/06/2016 23:38:43] - |A| - [33792] - C:\Windows\syswow64\wuapp.exe [MD5.C0141009CA2CC319011D578A6FD447BD] - [22/06/2016 01:29:29] - |A| - [87552] - C:\Windows\syswow64\wudriver.dll [MD5.FB633DCC8664E4CCACF562DB5BAE38CF] - [22/06/2016 01:29:28] - |A| - [27648] - C:\Windows\syswow64\wups.dll [MD5.8CBD6FDACDCC0ED48BAF607226D6D0C9] - [22/06/2016 01:30:05] - |A| - [314880] - C:\Windows\syswow64\wusa.exe [MD5.5AA2CAD923E9E647276A61387E83DDD0] - [22/06/2016 23:38:43] - |A| - [179656] - C:\Windows\syswow64\wuwebv.dll [MD5.0BD483CECD8DAC86E04347589ADC71EE] - [22/06/2016 01:29:52] - |A| - [444928] - C:\Windows\syswow64\wvc.dll [MD5.4E961525CC7FF0E5D7DA19E170B7C14C] - [19/06/2016 23:11:52] - |A| - [14032] - C:\Windows\syswow64\x3daudio1_0.dll [MD5.121B131EAA369D8F58DACC5C39A77D80] - [19/06/2016 23:11:54] - |A| - [15128] - C:\Windows\syswow64\x3daudio1_1.dll [MD5.F6A9FC2AD2F9111372B5AB3BBA3707EC] - [19/06/2016 23:11:59] - |A| - [17928] - C:\Windows\syswow64\X3DAudio1_2.dll [MD5.C593FD0A96EE4B6390B653C4C641313F] - [19/06/2016 23:12:01] - |A| - [25608] - C:\Windows\syswow64\X3DAudio1_3.dll [MD5.E3832514BD21236067B7227F6165EF95] - [19/06/2016 23:12:02] - |A| - [25608] - C:\Windows\syswow64\X3DAudio1_4.dll [MD5.350FEFE18B86BD4D9AB2A96D00215A49] - [19/06/2016 23:12:07] - |A| - [23376] - C:\Windows\syswow64\X3DAudio1_5.dll [MD5.E763798CAD2A90B6AB61854F50CD47DD] - [19/06/2016 23:12:11] - |A| - [22360] - C:\Windows\syswow64\X3DAudio1_6.dll [MD5.C811E70C8804CFFF719038250A43B464] - [19/06/2016 23:12:17] - |A| - [22360] - C:\Windows\syswow64\X3DAudio1_7.dll [MD5.2112FE0C46662D429347A7D7B49E3ECE] - [19/06/2016 23:11:52] - |A| - [230096] - C:\Windows\syswow64\xactengine2_0.dll [MD5.7C9952111F4C743B9F0D8B68B6ED93C9] - [19/06/2016 23:11:53] - |A| - [229584] - C:\Windows\syswow64\xactengine2_1.dll [MD5.73E055AF78A64F9B2779D44407CA2AB6] - [19/06/2016 23:12:01] - |A| - [267272] - C:\Windows\syswow64\xactengine2_10.dll [MD5.5C4D3843B491C047B7A619901FBD2EC1] - [19/06/2016 23:11:54] - |A| - [230168] - C:\Windows\syswow64\xactengine2_2.dll [MD5.69D841744B2BAE38FBB2D40A230A549C] - [19/06/2016 23:11:54] - |A| - [236824] - C:\Windows\syswow64\xactengine2_3.dll [MD5.6550E1A0A7BE611592C31222FCB981FB] - [19/06/2016 23:11:54] - |A| - [237848] - C:\Windows\syswow64\xactengine2_4.dll [MD5.86C93789E9006F1AC47ED9DD47D4C8A1] - [19/06/2016 23:11:55] - |A| - [251672] - C:\Windows\syswow64\xactengine2_5.dll [MD5.39000E033D39D19CCCE21AEAFCCE2476] - [19/06/2016 23:11:55] - |A| - [255848] - C:\Windows\syswow64\xactengine2_6.dll [MD5.7FEBB8CE2233CBAE738B16D42ED29674] - [19/06/2016 23:11:56] - |A| - [261480] - C:\Windows\syswow64\xactengine2_7.dll [MD5.499210C45AFEAADEE8CF4DCF7D5E570B] - [19/06/2016 23:11:59] - |A| - [266088] - C:\Windows\syswow64\xactengine2_8.dll [MD5.46EE68F04A75A1CCF40235EA6F1CBA05] - [19/06/2016 23:12:00] - |A| - [267112] - C:\Windows\syswow64\xactengine2_9.dll [MD5.8A83673F0AB001870583FDE2B004FA59] - [19/06/2016 23:12:01] - |A| - [238088] - C:\Windows\syswow64\xactengine3_0.dll [MD5.2E0E25252E1D41752876E9FE12ADE175] - [19/06/2016 23:12:02] - |A| - [238088] - C:\Windows\syswow64\xactengine3_1.dll [MD5.F3C6BE26949CAADB11DBF0086082FAC9] - [19/06/2016 23:12:03] - |A| - [238088] - C:\Windows\syswow64\xactengine3_2.dll [MD5.8BA296419AF3417D1E9806B83166E472] - [19/06/2016 23:12:08] - |A| - [235856] - C:\Windows\syswow64\xactengine3_3.dll [MD5.686F8D1B4926D48227A06ACD4D41CD1E] - [19/06/2016 23:12:11] - |A| - [235352] - C:\Windows\syswow64\xactengine3_4.dll [MD5.DB3C93E87452B8DAB4F58ED1FD2B1998] - [19/06/2016 23:12:13] - |A| - [238936] - C:\Windows\syswow64\xactengine3_5.dll [MD5.F81C4678A55FFEE585AC75825FAF5582] - [19/06/2016 23:12:17] - |A| - [238936] - C:\Windows\syswow64\xactengine3_6.dll [MD5.4FD7BCB9D8AF6A165E9BA0C2EB702E7C] - [19/06/2016 23:12:23] - |A| - [239960] - C:\Windows\syswow64\xactengine3_7.dll [MD5.DD165760F1B95200A3DA2D9DFDB84234] - [19/06/2016 23:12:02] - |A| - [65032] - C:\Windows\syswow64\XAPOFX1_0.dll [MD5.D95EAABF5D277EF91D9CA70151209E56] - [19/06/2016 23:12:06] - |A| - [68616] - C:\Windows\syswow64\XAPOFX1_1.dll [MD5.295E47A75F278580F9441041EAAEA3D2] - [19/06/2016 23:12:09] - |A| - [70992] - C:\Windows\syswow64\XAPOFX1_2.dll [MD5.30686ECE80545E06D78D156EB9F7D463] - [19/06/2016 23:12:12] - |A| - [69464] - C:\Windows\syswow64\XAPOFX1_3.dll [MD5.E4CE2AF32F501A7F7DDDD908704A0EE6] - [19/06/2016 23:12:18] - |A| - [74072] - C:\Windows\syswow64\XAPOFX1_4.dll [MD5.8A4CEBF34370D689E198E6673C1F2C40] - [19/06/2016 23:12:23] - |A| - [74072] - C:\Windows\syswow64\XAPOFX1_5.dll [MD5.418CDC57E55EE79C3F86C13A19B3D5E3] - [19/06/2016 23:12:01] - |A| - [479752] - C:\Windows\syswow64\XAudio2_0.dll [MD5.E34FF0115B1EE3B4E03D22AE9840EE03] - [19/06/2016 23:12:02] - |A| - [507400] - C:\Windows\syswow64\XAudio2_1.dll [MD5.50F4A0D5E6A0BAFEFA78F353533B8E06] - [19/06/2016 23:12:06] - |A| - [509448] - C:\Windows\syswow64\XAudio2_2.dll [MD5.47ED15DC87AE334C13C4DACD1BE2CCED] - [19/06/2016 23:12:09] - |A| - [514384] - C:\Windows\syswow64\XAudio2_3.dll [MD5.E684C5FA18ADF9EA14737757413BF727] - [19/06/2016 23:12:12] - |A| - [517448] - C:\Windows\syswow64\XAudio2_4.dll [MD5.8B01FB723F3B30AB3DEBDDBF97CFE577] - [19/06/2016 23:12:15] - |A| - [515416] - C:\Windows\syswow64\XAudio2_5.dll [MD5.4976243BD70FAE3D1D24E49739AB2710] - [19/06/2016 23:12:18] - |A| - [528216] - C:\Windows\syswow64\XAudio2_6.dll [MD5.81DFDDFB401D663BA7E6AD1C80364216] - [19/06/2016 23:12:23] - |A| - [527192] - C:\Windows\syswow64\XAudio2_7.dll [MD5.F1726346E583442541FE73429F8E9C10] - [19/06/2016 23:11:54] - |A| - [62672] - C:\Windows\syswow64\xinput1_1.dll [MD5.33B62BE226934E1B01F5043870C70427] - [19/06/2016 23:11:54] - |A| - [62744] - C:\Windows\syswow64\xinput1_2.dll [MD5.77F595DEE5FFACEA72B135B1FCE1312E] - [19/06/2016 23:11:58] - |A| - [81768] - C:\Windows\syswow64\xinput1_3.dll [MD5.E9E3891A8784C4C5B66EEA51AAFA5DF1] - [22/06/2016 01:30:56] - |A| - [283648] - C:\Windows\syswow64\XpsGdiConverter.dll [MD5.8FE6DB20BE436EA8839295F60CAA09F6] - [22/06/2016 01:31:25] - |A| - [870912] - C:\Windows\syswow64\XpsPrint.dll [MD5.8A244E6F8004A421359812C3FC55AE1B] - [22/06/2016 01:30:07] - |A| - [135168] - C:\Windows\syswow64\XpsRasterService.dll [MD5.9C8E9CAAF237E8CD8BEBDE700AAFF9E0] - [22/06/2016 01:30:42] - |A| - [1712640] - C:\Windows\syswow64\xpsservices.dll [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:18] - |D| - [9560] - C:\Windows\syswow64\XPSViewer [MD5.A2F0B6A45EF5B68173AAA2A39690904E] - [22/06/2016 01:30:06] - |A| - [327680] - C:\Windows\syswow64\zipfldr.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/06/2016 20:26:06] - |A| - [0] - C:\Windows\syswow64\Drivers\1043_ASUSTeK_B85-PRO GAMER.alu [MD5.FF5221C2E5D5CC82F93EB7C99DC2852F] - [19/06/2016 20:15:17] - |A| - [14848] - C:\Windows\syswow64\Drivers\AiCharger.sys [MD5.798DE15F187C1F013095BBBEB6FB6197] - [19/06/2016 20:16:04] - |RA| - [15232] - C:\Windows\syswow64\Drivers\AsIO.sys [MD5.00000000000000000000000000000000] - [20/06/2016 04:53:18] - |D| - [105984] - C:\Windows\syswow64\Drivers\fr-FR ¤¤¤¤¤¤¤¤¤¤ | Drives ¤¤¤¤¤¤¤¤¤¤ | C: [14/07/2009 05:18:56] - |SHD| - [129] - C:\$Recycle.Bin [21/06/2016 02:03:40] - |SHD| - [0] - C:\Config.Msi [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/06/2016 18:55:04] - (.-.) - [6393606144] - (0.0.0.0) - C:\hiberfil.sys [19/06/2016 19:11:55] - |D| - [1050301] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/06/2016 18:55:05] - (.-.) - [8524808192] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 05:20:08] - |RD| - [3331429675] - C:\Program Files [14/07/2009 05:20:08] - |RD| - [7554319062] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HD| - [1384807965] - C:\ProgramData [23/06/2016 00:46:43] - |D| - [262057] - C:\QuickDiag [MD5.680CFC4C9732473BCC9D978F1D1DDF48] - [23/06/2016 00:47:08] - (.-.) - [375828] - (0.0.0.0) - C:\QuickDiag.txt [19/06/2016 19:05:02] - |SHD| - [394437917] - C:\Recovery [MD5.87E5AAE1AA9431EF1DDEDC46D2145BDB] - [19/06/2016 20:52:32] - (.-.) - [32] - (0.0.0.0) - C:\setup.log [19/06/2016 18:55:04] - |SHD| - [0] - C:\System Volume Information [MD5.6309A64CA2EB815109F7B8D29520668C] - [22/06/2016 01:29:32] - (.-.) - [4724] - (0.0.0.0) - C:\TDSSKiller.3.1.0.9_22.06.2016_01.29.32_log.txt [MD5.3B7C22276D585CECF23F6E431C7D63E8] - [22/06/2016 01:46:06] - (.-.) - [204204] - (0.0.0.0) - C:\TDSSKiller.3.1.0.9_22.06.2016_01.46.06_log.txt [14/07/2009 05:20:08] - |RD| - [11735918169] - C:\Users [14/07/2009 05:20:08] - |D| - [22541564833] - C:\Windows ¤¤¤¤¤¤¤¤¤¤ | C:\Windows [14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 05:20:08] - |D| - [2132598] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [11264768] - C:\Windows\AppPatch [MD5.EFF1AC58A084E5CE5C6AA0427D445987] - [19/06/2016 19:07:17] - (.-.) - [47170] - (0.0.0.0) - C:\Windows\Ascd_tmp.ini [14/07/2009 05:20:08] - |RSD| - [1713580706] - C:\Windows\assembly [MD5.9FCFE78AFBA95C1F3AD8E3F99C5C4636] - [19/06/2016 19:09:22] - (.Copyright (C) 2009 - AsTaskSchedule.) - [16896] - (0.1.0.4) - C:\Windows\AsTaskSched.dll [MD5.1E730A5BA2E48B48EAFE800D5FE0A3E4] - [19/06/2016 19:07:16] - (.-.) - [672] - (0.0.0.0) - C:\Windows\As_Utilities.log [MD5.8D26DAE92B9995B082AE5B6BC2FB70DB] - [20/06/2016 00:07:12] - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [52184] - (11.2.2738.0) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [22/06/2016 01:29:37] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 09:46:13] - |SHD| - [553227] - C:\Windows\BitLockerDiscoveryVolumeContents [14/07/2009 05:20:09] - |D| - [29089838] - C:\Windows\Boot [MD5.56ED2BDDDC1946D4F18A7780816D8FD5] - [14/07/2009 07:38:36] - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3236352] - C:\Windows\Branding [MD5.87485061537913CD06DC4C3735BE3A77] - [19/06/2016 20:42:23] - (.-.) - [24484] - (0.0.0.0) - C:\Windows\cFosSpeed_Setup_Log.txt [19/06/2016 19:09:22] - |D| - [304541287] - C:\Windows\Chipset [14/07/2009 09:46:13] - |D| - [0] - C:\Windows\CSC [MD5.DA15C16EE66BAF7E6F555CE2E1CF95CA] - [20/06/2016 04:54:09] - (.-.) - [13] - (0.0.0.0) - C:\Windows\csup.txt [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 06:45:54] - |D| - [1335] - C:\Windows\debug [MD5.881AF365AA5D3CECE8783F3FEEFA9FBC] - [20/06/2016 04:54:09] - (.-.) - [24] - (0.0.0.0) - C:\Windows\DELL_version [14/07/2009 07:32:38] - |D| - [3569854] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [MD5.B9601FA7828877C91714E55F1F37B9CA] - [19/06/2016 23:11:35] - (.-.) - [10085] - (0.0.0.0) - C:\Windows\DirectX.log [19/06/2016 20:52:08] - |D| - [39425385] - C:\Windows\Downloaded Installations [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [MD5.7793EFC40B0B3410CD08FFAEBA33A16F] - [14/07/2009 06:46:06] - (.-.) - [1774] - (0.0.0.0) - C:\Windows\DtcInstall.log [14/07/2009 09:46:19] - |D| - [119117365] - C:\Windows\ehome [14/07/2009 07:37:46] - |D| - [110080] - C:\Windows\en-US [MD5.AC4C51EB24AA95B77F705AB159189E24] - [22/06/2016 01:31:20] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2872320] - (6.1.7601.17514) - C:\Windows\explorer.exe [14/07/2009 05:20:09] - |RSD| - [354501375] - C:\Windows\Fonts [20/06/2016 04:53:22] - |D| - [142336] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [68397809] - C:\Windows\Globalization [14/07/2009 05:20:09] - |D| - [142334527] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [14/07/2009 05:20:09] - |D| - [143549292] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [140781868] - C:\Windows\inf [19/06/2016 19:22:01] - |SHD| - [1006304020] - C:\Windows\Installer [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [19/06/2016 19:08:20] - (.-.) - [1769] - (0.0.0.0) - C:\Windows\Language_trs.ini [14/07/2009 05:20:10] - |D| - [1412913] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |D| - [32959080] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [894507117] - C:\Windows\Microsoft.NET [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.F2C7BB8ACC97F92E987A2D4087D021B1] - [14/07/2009 01:56:36] - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7600.16385) - C:\Windows\notepad.exe [MD5.2F5B0A7A1819A08C55FD91BA8DA2F6EE] - [20/06/2016 02:28:05] - (.-.) - [312814] - (0.0.0.0) - C:\Windows\ntbtlog.txt [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [20/06/2016 04:54:34] - |D| - [10442518] - C:\Windows\Panther [14/07/2009 07:32:38] - |D| - [61922536] - C:\Windows\Performance [MD5.60338A2BDC2A74425A5178E4D7B86FE9] - [19/06/2016 20:54:39] - (.-.) - [7906] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |D| - [1279615] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [8897851] - C:\Windows\PolicyDefinitions [19/06/2016 18:55:24] - |D| - [45963565] - C:\Windows\Prefetch [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\Registration [14/07/2009 09:46:13] - |D| - [0] - C:\Windows\RemotePackages [14/07/2009 05:20:10] - |D| - [8085622] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1802022] - C:\Windows\Resources [MD5.FFC77870402F6DDD5BB8172C6A55DFB3] - [19/06/2016 19:24:18] - (.Copyright (C) 2014 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2080472] - (1.0.5.3) - C:\Windows\RtlExUpd.dll [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [55533] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [2225524] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [18430624] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [43067326] - C:\Windows\servicing [14/07/2009 06:45:50] - |D| - [42] - C:\Windows\Setup [MD5.1C9AA8977B8878743034771F8ACD3410] - [14/07/2009 06:51:00] - (.-.) - [21343] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/07/2009 06:51:00] - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [14/07/2009 09:46:19] - |D| - [4544] - C:\Windows\ShellNew [19/06/2016 19:04:58] - |D| - [1842072007] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [251548646] - C:\Windows\Speech [MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [22/06/2016 01:30:40] - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 05:20:10] - |D| - [4405047740] - C:\Windows\System32 [14/07/2009 05:20:14] - |D| - [1374047412] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |D| - [8698] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [236949604] - C:\Windows\Temp [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.2DCAB053A9510CADC7F2940272AE2BC7] - [19/06/2016 18:58:11] - (.-.) - [1313] - (0.0.0.0) - C:\Windows\TSSysprep.log [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [6144] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [22/06/2016 01:29:47] - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.BE9ABBA239905C914B050195978E4D02] - [14/07/2009 09:48:32] - (.-.) - [51867] - (0.0.0.0) - C:\Windows\Ultimate.xml [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |D| - [44155055] - C:\Windows\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.D742E4D76FEB4E6BE3786E1338D2DE1A] - [19/06/2016 19:04:58] - (.-.) - [1071147] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 05:20:14] - |D| - [9149689941] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ¤¤¤¤¤¤¤¤¤¤ | Systemroot\System ¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer [20/06/2016 01:15:34] - C:\Windows\Installer\255c5.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [23/08/2012 11:52:38] - C:\Windows\Installer\3324a.msi : ( - Intel Corporation) [27/08/2013 15:30:50] - C:\Windows\Installer\3324f.msi : (Intel(R) Network Connections - Intel) [16/09/2013 12:17:36] - C:\Windows\Installer\7543b.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [07/08/2013 14:26:32] - C:\Windows\Installer\76e5f.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [22/06/2016 00:52:56] - C:\Windows\Installer\7f9b2.msi : (WinZip Compression Utility - Copyright (c) 1991-2016 WinZip International LLC - All Rights Reserved) [06/06/2011 10:56:12] - C:\Windows\Installer\80d9c.msi : (ADOBER~1.0|Adobe Reader X - Adobe Systems Incorporated) [19/06/2016 20:52:03] - C:\Windows\Installer\80dab.msi : (Blank Project Template - InstallShield Software Corporation) [25/03/2014 10:31:02] - C:\Windows\Installer\80db0.msi : (ASUS Product Register Program - ASUSTek Computer Inc.) [20/06/2016 00:12:45] - C:\Windows\Installer\b12341.msi : (Google Toolbar for Internet Explorer - Google Inc.) [20/06/2016 00:12:01] - C:\Windows\Installer\b12347.msi : (Google Update Helper - Google Inc.) [20/06/2016 00:17:54] - C:\Windows\Installer\b1234d.msi : (Google Update Helper - Google Inc.) [13/02/2014 11:05:48] - C:\Windows\Installer\e27ee.msi : (Sonic Radar - ASUSTeKcomputer.Inc) [19/06/2016 20:52:27] - [10134] - C:\Windows\Installer\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}\ARPPRODUCTICON.exe () - () [19/06/2016 19:46:20] - [317752] - C:\Windows\Installer\{594AEAFB-0822-4EA9-A5B8-309485A515EE}\ARPPRODUCTICON.exe (Copyright (C) 2012 Intel Corporation.) - (Intel (R) Network Connections Driver Uninstaller) [20/06/2016 01:15:46] - [10134] - C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824184103}\ARPPRODUCTICON.exe () - () [19/06/2016 20:52:45] - [459934] - C:\Windows\Installer\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}\_6FEFF9B68218417F98F549.exe () - () [22/06/2016 01:02:48] - [429568] - C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}\IconCD95F66111.exe () - () [22/06/2016 01:02:48] - [230400] - C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}\IconCD95F66112.exe () - () [22/06/2016 01:02:48] - [316928] - C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}\IconCD95F66114.exe () - () [22/06/2016 01:02:48] - [374272] - C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}\IconCD95F66117.exe () - () ¤¤¤¤¤¤¤¤¤¤ | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [14/07/2009 01:01:52] - [71951] - C:\Windows\System32\ieuinit.inf [14/07/2009 07:13:15] - [1665132] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [14/07/2009 00:38:23] - [71951] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [19/06/2016 19:24:02] - [1642062] - C:\Windows\Syswow64\PerfStringBackup.INI ¤¤¤¤¤¤¤¤¤¤ | [Nosferoth] [19/06/2016 19:05:10] - |HD| - [954727625] - C:\Users\Nosferoth\AppData [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Application Data [19/06/2016 19:05:23] - |RD| - [68790] - C:\Users\Nosferoth\Contacts [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Cookies [19/06/2016 19:05:10] - |RD| - [9278358342] - C:\Users\Nosferoth\Desktop [19/06/2016 19:05:10] - |RD| - [10790202] - C:\Users\Nosferoth\Documents [19/06/2016 19:05:10] - |RD| - [39471267] - C:\Users\Nosferoth\Downloads [19/06/2016 19:05:10] - |RD| - [4276] - C:\Users\Nosferoth\Favorites [19/06/2016 19:59:52] - |D| - [907986] - C:\Users\Nosferoth\Intel [19/06/2016 19:05:10] - |RD| - [2408] - C:\Users\Nosferoth\Links [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Local Settings [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Menu Démarrer [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Mes documents [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Modèles [19/06/2016 19:05:10] - |RD| - [504] - C:\Users\Nosferoth\Music [19/06/2016 19:05:10] - |ASH| - [1048576] - C:\Users\Nosferoth\NTUSER.DAT [19/06/2016 19:05:10] - |ASH| - [262144] - C:\Users\Nosferoth\ntuser.dat.LOG1 [19/06/2016 19:05:10] - |ASH| - [0] - C:\Users\Nosferoth\ntuser.dat.LOG2 [19/06/2016 19:05:10] - |ASH| - [65536] - C:\Users\Nosferoth\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [19/06/2016 19:05:10] - |ASH| - [524288] - C:\Users\Nosferoth\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [19/06/2016 19:05:10] - |ASH| - [524288] - C:\Users\Nosferoth\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [19/06/2016 19:05:10] - |SH| - [20] - C:\Users\Nosferoth\ntuser.ini [19/06/2016 19:05:10] - |RD| - [504] - C:\Users\Nosferoth\Pictures [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Recent [19/06/2016 19:05:10] - |RD| - [282] - C:\Users\Nosferoth\Saved Games [19/06/2016 19:05:34] - |RD| - [1020] - C:\Users\Nosferoth\Searches [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\SendTo [19/06/2016 19:05:10] - |RD| - [504] - C:\Users\Nosferoth\Videos [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Voisinage d'impression [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\Voisinage réseau [22/06/2016 01:12:58] - |A| - [2219008] - C:\Users\Nosferoth\ZHPDiag3.exe [19/06/2016 20:47:33] - |D| - [15349456] - C:\Users\Nosferoth\AppData\Local\Adobe [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\AppData\Local\Application Data [19/06/2016 21:39:47] - |D| - [8185973] - C:\Users\Nosferoth\AppData\Local\CEF [19/06/2016 20:42:26] - |D| - [4316295] - C:\Users\Nosferoth\AppData\Local\cFos [20/06/2016 01:26:49] - |D| - [60838653] - C:\Users\Nosferoth\AppData\Local\CrashDumps [19/06/2016 20:00:53] - |A| - [57560] - C:\Users\Nosferoth\AppData\Local\GDIPFONTCACHEV1.DAT [21/06/2016 01:41:40] - |D| - [19598] - C:\Users\Nosferoth\AppData\Local\Google [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\AppData\Local\Historique [22/06/2016 03:10:54] - |AH| - [1091978] - C:\Users\Nosferoth\AppData\Local\IconCache.db [19/06/2016 19:05:10] - |D| - [37418603] - C:\Users\Nosferoth\AppData\Local\Microsoft [21/06/2016 01:45:31] - |D| - [84882536] - C:\Users\Nosferoth\AppData\Local\Mozilla [19/06/2016 19:32:09] - |D| - [700] - C:\Users\Nosferoth\AppData\Local\NAHIMICAPO1.0.0 [19/06/2016 20:55:20] - |D| - [67346251] - C:\Users\Nosferoth\AppData\Local\NVIDIA [19/06/2016 20:55:35] - |D| - [2724] - C:\Users\Nosferoth\AppData\Local\NVIDIA Corporation [22/06/2016 01:17:01] - |D| - [0] - C:\Users\Nosferoth\AppData\Local\Programs [20/06/2016 00:30:37] - |D| - [560] - C:\Users\Nosferoth\AppData\Local\Stardock [19/06/2016 21:39:47] - |D| - [37500943] - C:\Users\Nosferoth\AppData\Local\Steam [19/06/2016 19:05:10] - |D| - [596328224] - C:\Users\Nosferoth\AppData\Local\Temp [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\AppData\Local\Temporary Internet Files [19/06/2016 19:05:22] - |D| - [1190] - C:\Users\Nosferoth\AppData\Local\VirtualStore [22/06/2016 01:02:18] - |D| - [262394] - C:\Users\Nosferoth\AppData\Local\WinZip [19/06/2016 19:05:34] - |ASH| - [174] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [19/06/2016 19:05:10] - |SHD| - [0] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [19/06/2016 19:05:10] - |RD| - [18965] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [19/06/2016 19:05:10] - |RD| - [14669] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [19/06/2016 19:05:34] - |RD| - [174] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [19/06/2016 20:52:20] - |D| - [0] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS [19/06/2016 19:05:34] - |ASH| - [476] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [19/06/2016 19:05:39] - |A| - [1429] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [19/06/2016 19:05:35] - |A| - [1463] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [19/06/2016 19:05:10] - |RD| - [580] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [19/06/2016 19:05:34] - |RD| - [174] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [22/06/2016 01:01:53] - |D| - [0] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5 [19/06/2016 19:05:34] - |ASH| - [174] - C:\Users\Nosferoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [Public] [14/07/2009 05:20:08] - |RHD| - [18721] - C:\Users\Public\Desktop [14/07/2009 06:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 05:20:08] - |RD| - [278] - C:\Users\Public\Documents [14/07/2009 05:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 05:20:08] - |RHD| - [3992] - C:\Users\Public\Libraries [14/07/2009 05:20:08] - |RD| - [17412278] - C:\Users\Public\Music [14/07/2009 05:20:08] - |RD| - [7101480] - C:\Users\Public\Pictures [14/07/2009 09:45:14] - |RD| - [9699579] - C:\Users\Public\Recorded TV [14/07/2009 05:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData [19/06/2016 20:29:39] - |D| - [27360947] - C:\ProgramData\Adobe [14/07/2009 07:08:56] - |SHD| - [13896541182] - C:\ProgramData\Application Data [19/06/2016 20:16:04] - |D| - [75071924] - C:\ProgramData\ASUS [20/06/2016 00:00:29] - |D| - [43872831] - C:\ProgramData\AVAST Software [19/06/2016 19:05:02] - |SHD| - [18721] - C:\ProgramData\Bureau [19/06/2016 20:42:23] - |D| - [164526] - C:\ProgramData\cFos [19/06/2016 20:32:20] - |D| - [1336] - C:\ProgramData\DAEMON Tools Pro [14/07/2009 07:08:56] - |SHD| - [18721] - C:\ProgramData\Desktop [14/07/2009 07:08:56] - |SHD| - [278] - C:\ProgramData\Documents [19/06/2016 19:28:52] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [19/06/2016 19:05:02] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [20/06/2016 00:12:36] - |D| - [12722] - C:\ProgramData\Google [19/06/2016 19:39:40] - |D| - [10322590] - C:\ProgramData\Intel [22/06/2016 01:47:16] - |D| - [33324248] - C:\ProgramData\Malwarebytes [19/06/2016 19:05:02] - |SHD| - [148587] - C:\ProgramData\Menu Démarrer [14/07/2009 05:20:08] - |SD| - [475842102] - C:\ProgramData\Microsoft [19/06/2016 19:05:02] - |SHD| - [0] - C:\ProgramData\Modèles [19/06/2016 20:51:04] - |D| - [2405341] - C:\ProgramData\NVIDIA [19/06/2016 20:49:43] - |D| - [686902183] - C:\ProgramData\NVIDIA Corporation [19/06/2016 21:20:29] - |D| - [30130162] - C:\ProgramData\Package Cache [22/06/2016 01:17:11] - |D| - [449261] - C:\ProgramData\RogueKiller [20/06/2016 00:30:40] - |D| - [886] - C:\ProgramData\Stardock [14/07/2009 07:08:56] - |SHD| - [148587] - C:\ProgramData\Start Menu [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates [22/06/2016 01:02:18] - |D| - [0] - C:\ProgramData\WinZip ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [22/06/2016 01:02:50] - |A| - [2390] - C:\ProgramData\Microsoft\Windows\Start Menu\Notifications de Mises à jour.lnk [22/06/2016 01:02:50] - |A| - [2317] - C:\ProgramData\Microsoft\Windows\Start Menu\Outils d’arrière-plan WinZip.lnk [19/06/2016 19:05:02] - |SHD| - [138571] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 05:20:08] - |RD| - [138571] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk [22/06/2016 01:02:49] - |A| - [2319] - C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] - |RD| - [44960] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/07/2009 07:32:38] - |RD| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [19/06/2016 20:30:28] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [19/06/2016 20:19:23] - |D| - [9173] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [20/06/2016 00:12:57] - |A| - [1037] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [20/06/2016 00:08:33] - |D| - [1940] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [19/06/2016 20:45:08] - |D| - [2849] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [19/06/2016 20:35:33] - |D| - [3292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [14/07/2009 06:54:23] - |ASH| - [964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/07/2009 07:32:38] - |RD| - [6112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [19/06/2016 20:00:34] - |RD| - [2398] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [22/06/2016 01:47:18] - |D| - [3691] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [19/06/2016 18:58:34] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [21/06/2016 01:45:24] - |A| - [1163] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [19/06/2016 20:51:23] - |D| - [11121] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [22/06/2016 01:17:28] - |D| - [876] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller [14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [19/06/2016 19:29:02] - |D| - [1253] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar [14/07/2009 05:20:08] - |RD| - [6525] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [19/06/2016 21:33:26] - |D| - [1043] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [14/07/2009 09:45:14] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [19/06/2016 18:58:34] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [22/06/2016 01:02:49] - |D| - [2331] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5 [14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [22/06/2016 02:00:21] - |D| - [1871] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [22/06/2016 01:02:48] - |A| - [1977] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [22/06/2016 01:02:50] - |A| - [2402] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [22/06/2016 01:02:48] - |A| - [1972] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86) [19/06/2016 20:29:23] - |D| - [479922798] - C:\Program Files (x86)\Adobe [19/06/2016 20:15:16] - |D| - [193407092] - C:\Program Files (x86)\ASUS [14/07/2009 05:20:08] - |D| - [100239941] - C:\Program Files (x86)\Common Files [19/06/2016 20:35:08] - |D| - [46610174] - C:\Program Files (x86)\DAEMON Tools Pro [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [20/06/2016 00:12:02] - |D| - [31665674] - C:\Program Files (x86)\Google [19/06/2016 19:27:34] - |HD| - [16294093] - C:\Program Files (x86)\InstallShield Installation Information [19/06/2016 19:12:25] - |D| - [23194751] - C:\Program Files (x86)\Intel [14/07/2009 05:20:08] - |D| - [4658469] - C:\Program Files (x86)\Internet Explorer [22/06/2016 01:47:16] - |D| - [59434816] - C:\Program Files (x86)\Malwarebytes Anti-Malware [19/06/2016 19:22:10] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [21/06/2016 01:45:13] - |D| - [97025208] - C:\Program Files (x86)\Mozilla Firefox [21/06/2016 01:45:17] - |D| - [236995] - C:\Program Files (x86)\Mozilla Maintenance Service [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [19/06/2016 20:50:12] - |D| - [299924345] - C:\Program Files (x86)\NVIDIA Corporation [19/06/2016 19:27:35] - |D| - [12041177] - C:\Program Files (x86)\Realtek [14/07/2009 07:32:38] - |D| - [39159041] - C:\Program Files (x86)\Reference Assemblies [19/06/2016 21:33:26] - |D| - [6106363016] - C:\Program Files (x86)\Steam [19/06/2016 19:24:18] - |HD| - [0] - C:\Program Files (x86)\Temp [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [19/06/2016 21:22:04] - |D| - [633996] - C:\Program Files (x86)\VulkanRT [14/07/2009 07:32:38] - |D| - [575488] - C:\Program Files (x86)\Windows Defender [14/07/2009 05:20:08] - |D| - [6705152] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5114641] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12257460] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4457224] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [6924428] - C:\Program Files (x86)\Windows Sidebar [22/06/2016 02:00:20] - |D| - [7233265] - C:\Program Files (x86)\ZHPFix ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files [19/06/2016 20:19:02] - |D| - [21088980] - C:\Program Files\ASUS [19/06/2016 19:29:02] - |D| - [24794175] - C:\Program Files\ASUSTeKcomputer.Inc [20/06/2016 00:05:23] - |D| - [1080331902] - C:\Program Files\AVAST Software [14/07/2009 05:20:08] - |D| - [64948071] - C:\Program Files\Common Files [19/06/2016 20:45:08] - |D| - [6667113] - C:\Program Files\CPUID [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 07:32:38] - |D| - [90328084] - C:\Program Files\DVD Maker [19/06/2016 19:05:02] - |SHD| - [64948071] - C:\Program Files\Fichiers communs [20/06/2016 00:12:48] - |D| - [251208] - C:\Program Files\Google [19/06/2016 19:39:35] - |D| - [60926636] - C:\Program Files\Intel [14/07/2009 05:20:08] - |D| - [5246253] - C:\Program Files\Internet Explorer [14/07/2009 07:32:38] - |D| - [149787186] - C:\Program Files\Microsoft Games [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild [19/06/2016 20:48:24] - |D| - [1319196672] - C:\Program Files\NVIDIA Corporation [19/06/2016 19:28:48] - |D| - [43635552] - C:\Program Files\Realtek [14/07/2009 07:32:38] - |D| - [36813993] - C:\Program Files\Reference Assemblies [22/06/2016 01:17:26] - |D| - [73157030] - C:\Program Files\RogueKiller [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [14/07/2009 07:32:38] - |D| - [4136960] - C:\Program Files\Windows Defender [14/07/2009 09:46:55] - |D| - [9332856] - C:\Program Files\Windows Journal [14/07/2009 05:20:08] - |D| - [7191552] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7821229] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [12687540] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5555480] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [8172230] - C:\Program Files\Windows Sidebar [22/06/2016 01:01:53] - |D| - [299088306] - C:\Program Files\WinZip ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files [19/06/2016 20:29:23] - |D| - [20921330] - C:\Program Files (x86)\Common Files\Adobe [20/06/2016 00:08:05] - |D| - [890153] - C:\Program Files (x86)\Common Files\AV [19/06/2016 19:24:14] - |D| - [6149305] - C:\Program Files (x86)\Common Files\InstallShield [19/06/2016 20:04:36] - |D| - [239884] - C:\Program Files (x86)\Common Files\Intel Corporation [14/07/2009 05:20:08] - |D| - [18687361] - C:\Program Files (x86)\Common Files\microsoft shared [19/06/2016 19:39:10] - |D| - [196972] - C:\Program Files (x86)\Common Files\postureAgent [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/07/2009 05:20:08] - |D| - [41106343] - C:\Program Files (x86)\Common Files\SpeechEngines [19/06/2016 21:33:28] - |D| - [1518672] - C:\Program Files (x86)\Common Files\Steam [14/07/2009 05:20:08] - |D| - [10527219] - C:\Program Files (x86)\Common Files\System ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common files [20/06/2016 00:08:05] - |D| - [890153] - C:\Program Files\Common files\AV [14/07/2009 05:20:08] - |D| - [50976189] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [611328] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |D| - [12467699] - C:\Program Files\Common files\System ¤¤¤¤¤¤¤¤¤¤ | Tasks [MD5.8F43584A6B169FC90D849D186081CA83] - [20/06/2016 00:12:05] - |A| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.C12104D4F1DCB76A49C1791076DCEC34] - [20/06/2016 00:12:10] - |A| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.736299593CA034017C12E2C4240446A3] - [14/07/2009 07:08:49] - |A| - [6556] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.B63AD96D5AB77552EFDB7D2277C3B0CB] - [20/06/2016 01:15:48] - |A| - [3886] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.00000000000000000000000000000000] - [19/06/2016 20:16:22] - |D| - [15100] - C:\Windows\System32\Tasks\ASUS [MD5.00000000000000000000000000000000] - [20/06/2016 00:08:05] - |D| - [3860] - C:\Windows\System32\Tasks\AVAST Software [MD5.4E26AC1C0D8A1ADD43C195000DE8C210] - [20/06/2016 00:08:02] - |A| - [4182] - C:\Windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.8CAD5FF3937F072DECABBAF4FCE3230F] - [20/06/2016 00:12:06] - |A| - [3814] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.2BF5EA04C9E74FF90A9DE0CEA3D95941] - [20/06/2016 00:12:10] - |A| - [4066] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [251484] - C:\Windows\System32\Tasks\Microsoft [MD5.7E3C6969C877129149D51F0B8B05A0AA] - [20/06/2016 00:12:58] - |A| - [3924] - C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466374376 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.3BCA3CFC91F2771014D83F15754FF94E] - [22/06/2016 01:03:42] - |A| - [3542] - C:\Windows\System32\Tasks\WinZipBackGroundToolsTask : C:\Program Files\WinZip\WzBGTools.exe [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [0] - C:\Windows\System32\Tasks\WPD [MD5.39EA1E8CBAB7486341A59C0F33B559EC] - [22/06/2016 02:50:49] - |A| - [3164] - C:\Windows\System32\Tasks\{30459CA0-4D5B-4A59-840F-7021DD25C93D} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ¤¤¤¤¤¤¤¤¤¤ | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{8954F893-97BF-404F-A0B7-73A89138EEF6}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{C985EA28-8CC3-4CFC-B981-EC622450CF4D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=1487|Name=cFos HTTP mini-server TCP 1487| "{A59B2697-38B7-4040-B9B8-E69AA3015A03}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTP)|Desc=TCP exceptions for NVIDIA Network Service| "{25CA521F-9776-4FF1-9410-8B0D5A5BB42D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=443|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTPS)|Desc=TCP exceptions for NVIDIA Network Service| "{58302821-DA70-4C9B-B4E7-31998D7536A4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47989|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe|Name=SHIELD Streaming NSS TCP Exception|Desc=TCP exceptions for SHIELD Streaming NSS (HTTP)| "{74B7762D-D283-4D98-AD27-FD5C0D1F88D7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe|Name=SHIELD Streaming NSS UDP Exception|Desc=UDP exceptions for SHIELD Streaming NSS (mDNS)| "{4D4E6ED6-0D6C-4B2F-8FEA-32F735A63CC6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe|Name=SHIELD Streaming SSAU UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAU (NWT)| "{6EF7EDC9-6723-4C58-8CE1-B6B9D6A65F21}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=35043|LPort=47995|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer TCP Exception|Desc=TCP exceptions for SHIELD Streaming NvStreamer (RTSP/RI)| "{26ABE4BB-7905-4084-9822-B88F5EA53E22}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47995|LPort=47998|LPort=47999|LPort=48000|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer UDP Exception|Desc=UDP exceptions for SHIELD Streaming NvStreamer (RTSP/RI/A/V)| "{C5AB5A9C-18E4-4A87-AA73-7E70D8C9E71A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{1D487CF1-9898-49CB-A368-C9812187C6D6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Nosferoth\Desktop\quickdiag_2_22.06.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Nosferoth\Desktop\quickdiag_2_22.06.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Nosferoth\Desktop\quickdiag_2_22.06.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Nosferoth\Desktop\quickdiag_2_22.06.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Nosferoth\Desktop\quickdiag_2_22.06.2016.1.exe"=C:\Users\Nosferoth\Desktop\quickdiag_2_22.06.2016.1.exe:*:Enabled:quickdiag_2_22.06.2016.1 ¤¤¤¤¤¤¤¤¤¤ | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{41966169-3FD7-4392-AFE4-E6A9D0A92C72}] : (ASUSFILTER) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ¤¤¤¤¤¤¤¤¤¤ | Loaded modules (Microsoft Files whitelisted) [19/06/2016 19:51:18] - (2.5.0.19) - (Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver) - C:\Windows\system32\DRIVERS\iusb3hcs.sys [07/08/2013 14:23:46] - (12.8.0.1016) - (Intel Corporation - Intel Rapid Storage Technology driver - x64) - C:\Windows\system32\DRIVERS\iaStorA.sys [22/06/2016 01:30:24] - (1.1.2.5) - (Advanced Micro Devices - Storage Filter Driver) - C:\Windows\system32\drivers\amdxata.sys [20/06/2016 00:07:43] - (11.2.2738.0) - (AVAST Software - avast! Revert) - C:\Windows\System32\Drivers\aswRvrt.sys [20/06/2016 00:07:52] - (11.2.2738.0) - (AVAST Software - avast! VM Monitor) - C:\Windows\System32\Drivers\aswVmm.sys [07/08/2013 14:23:46] - (12.8.0.1016) - (Intel Corporation - Intel Rapid Storage Technology Filter driver - x64) - C:\Windows\system32\DRIVERS\iaStorF.sys [19/06/2016 20:35:11] - (5.5.0.386) - (Disc Soft Ltd - DAEMON Tools Virtual Bus Driver) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys [20/06/2016 00:07:47] - (11.2.2738.0) - (AVAST Software - avast! self protection module) - C:\Windows\system32\drivers\aswSP.sys [20/06/2016 00:07:36] - (11.2.2738.0) - (AVAST Software - avast! Virtualization Driver) - C:\Windows\system32\drivers\aswSnx.sys [20/06/2016 00:11:52] - (11.2.2738.0) - (AVAST Software - avast! Keyboard Filter Driver) - C:\Windows\system32\drivers\aswKbd.sys [20/06/2016 00:07:39] - (11.2.2738.0) - (AVAST Software - avast! WFP Redirect Driver) - C:\Windows\system32\drivers\aswRdr2.sys [19/06/2016 20:42:56] - (9.5.2096.0) - (cFos Software GmbH - cFosSpeed Driver) - C:\Windows\system32\DRIVERS\cfosspeed6.sys [14/09/2012 04:06:23] - (0.0.0.0) - ( -) - C:\Windows\SysWow64\drivers\AsUpIO.sys [19/06/2016 20:16:04] - (0.0.0.0) - ( -) - C:\Windows\SysWow64\drivers\AsIO.sys [19/06/2016 21:19:49] - (10.18.13.6839) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 368.39) - C:\Windows\system32\DRIVERS\nvlddmkm.sys [19/06/2016 20:15:17] - (5.2.3790.0) - (ASUSTek Computer Inc. - ASUS Charger driver) - C:\Windows\SysWow64\drivers\AiCharger.sys [19/06/2016 19:51:10] - (2.5.0.19) - (Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver) - C:\Windows\system32\DRIVERS\iusb3xhc.sys [19/06/2016 19:38:42] - (9.5.15.1730) - (Intel Corporation - Intel(R) Management Engine Interface) - C:\Windows\system32\DRIVERS\TeeDriverx64.sys [19/06/2016 19:45:34] - (12.10.30.0) - (Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver) - C:\Windows\system32\DRIVERS\e1d62x64.sys [20/06/2016 01:20:34] - (1.2.40.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [19/06/2016 21:19:49] - (1.3.34.14) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [19/06/2016 19:51:09] - (2.5.0.19) - (Intel Corporation - Intel(R) USB 3.0 Hub Driver) - C:\Windows\system32\DRIVERS\iusb3hub.sys [20/09/2011 06:25:56] - (5.28.10.0) - (MCCI Corporation - ASUS USB Hub filter driver) - C:\Windows\SysWow64\drivers\ASUSFILTER.sys [19/06/2016 19:28:16] - (6.0.1.7179) - (Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver) - C:\Windows\system32\drivers\RTKVHD64.sys [20/06/2016 00:07:43] - (11.2.2738.0) - (AVAST Software - avast! File System Minifilter for Windows 2003/Vista) - C:\Windows\system32\drivers\aswMonFlt.sys [20/06/2016 00:07:41] - (11.2.2738.0) - (AVAST Software - avast! HWID) - C:\Windows\system32\drivers\aswHwid.sys [14/07/2009 04:36:07] - (4.3.86.0) - (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - Macrovision SECURITY Driver) - C:\Windows\System32\Drivers\secdrv.SYS [// ::] - (0.0.0.0) - ( -) - C:\Windows\system32\drivers\IOMap64.sys [19/06/2016 20:51:13] - (7.1.2071.761) - (NVIDIA Corporation - Nvidia Streaming Kernel Service) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys ¤¤¤¤¤¤¤¤¤¤ | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys R0 - amdxata () -> system32\drivers\amdxata.sys R0 - aswRvrt (avast! Revert) -> (?) R0 - aswVmm (avast! VM Monitor) -> (?) R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - Disk (Pilote de disque) -> system32\DRIVERS\disk.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStorA () -> system32\DRIVERS\iaStorA.sys R0 - iaStorF () -> system32\DRIVERS\iaStorF.sys R0 - iusb3hcs (Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hcs.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msahci () -> system32\drivers\msahci.sys R0 - msisadrv () -> system32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - spldr (Security Processor Loader Driver) -> (?) R0 - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys R0 - vmbus (@%SystemRoot%\system32\vmbusres.dll,-1000) -> system32\drivers\vmbus.sys R0 - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - AsIO (AsIO) -> SysWow64\drivers\AsIO.sys R1 - AsUpIO (AsUpIO) -> SysWow64\drivers\AsUpIO.sys R1 - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys R1 - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys R1 - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys R1 - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys R1 - Beep (Beep) -> (?) R1 - blbdrive () -> system32\DRIVERS\blbdrive.sys R1 - cdrom (Pilote de CD-ROM) -> \SystemRoot\system32\drivers\cdrom.sys R1 - cFosSpeed (cFosSpeed for faster Internet connections (NDIS 6)) -> system32\DRIVERS\cfosspeed6.sys R1 - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys R1 - dtsoftbus01 (DAEMON Tools Virtual Bus Driver) -> system32\DRIVERS\dtsoftbus01.sys R1 - Msfs () -> (?) R1 - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys R1 - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys R1 - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" R2 - asComSvc (ASUS Com Service) -> C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe R2 - ASGT (ASGT) -> C:\Windows\SysWOW64\ASGT.exe R2 - asHmComSvc (ASUS HM Com Service) -> C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe R2 - AsusFanControlService (AsusFanControlService) -> "C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.11\AsusFanControlService.exe" R2 - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys R2 - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys S2 - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - AudioSrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork S2 - cFosSpeedS (cFosSpeed System Service) -> "C:\Program Files\ASUS\ROG GameFirst II\spd.exe" -service S2 - clr_optimization_v4.0.30319_32 (Microsoft .NET Framework NGEN v4.0.30319_X86) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - clr_optimization_v4.0.30319_64 (Microsoft .NET Framework NGEN v4.0.30319_X64) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - CscService (@%systemroot%\system32\cscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R2 - GfExperienceService (NVIDIA GeForce Experience Service) -> "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" R2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - IAStorDataMgrSvc (Intel(R) Rapid Storage Technology) -> "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" R2 - Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe" R2 - Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) -> C:\Windows\system32\IProsetMonitor.exe R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - LMS (Intel(R) Management and Security Application Local Management Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - NvNetworkService (NVIDIA Network Service) -> "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" R2 - NvStreamSvc (NVIDIA Streamer Service) -> "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" R2 - nvsvc (NVIDIA Display Driver Service) -> "C:\Windows\system32\nvvsvc.exe" R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - secdrv (Security Driver) -> (?) R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe R2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - Stereo Service (NVIDIA Stereoscopic 3D Driver Service) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe" R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - WinDefend (@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103) -> %SystemRoot%\System32\svchost.exe -k secsvcs R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs S3 - 1394ohci (Contrôleur d’hôte compatible OHCI 1394) -> \SystemRoot\system32\drivers\1394ohci.sys S3 - AcpiPmi (Jauge d’alimentation ACPI) -> \SystemRoot\system32\drivers\acpipmi.sys S3 - adp94xx () -> \SystemRoot\system32\DRIVERS\adp94xx.sys S3 - adpahci () -> \SystemRoot\system32\DRIVERS\adpahci.sys S3 - adpu320 () -> \SystemRoot\system32\DRIVERS\adpu320.sys R3 - AeLookupSvc (@%SystemRoot%\system32\aelupsvc.dll,-1) -> %systemroot%\system32\svchost.exe -k netsvcs S3 - agp440 (Filtre de bus AGP Intel) -> \SystemRoot\system32\drivers\agp440.sys R3 - AiCharger (AiCharger) -> SysWow64\drivers\AiCharger.sys S3 - ALG (@%SystemRoot%\system32\Alg.exe,-112) -> %SystemRoot%\System32\alg.exe S3 - aliide () -> \SystemRoot\system32\drivers\aliide.sys S3 - amdide () -> \SystemRoot\system32\drivers\amdide.sys S3 - AmdK8 (AMD K8 Processor Driver) -> \SystemRoot\system32\DRIVERS\amdk8.sys S3 - AmdPPM (AMD Processor Driver) -> \SystemRoot\system32\DRIVERS\amdppm.sys S3 - amdsata () -> \SystemRoot\system32\drivers\amdsata.sys S3 - amdsbs () -> \SystemRoot\system32\DRIVERS\amdsbs.sys S3 - AppID (@%systemroot%\system32\appidsvc.dll,-102) -> \SystemRoot\system32\drivers\appid.sys S3 - AppIDSvc (@%systemroot%\system32\appidsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R3 - Appinfo (@%systemroot%\system32\appinfo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - AppMgmt (@appmgmts.dll,-3250) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - arc () -> \SystemRoot\system32\DRIVERS\arc.sys S3 - arcsas () -> \SystemRoot\system32\DRIVERS\arcsas.sys S3 - aspnet_state (ASP.NET State Service) -> %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe R3 - ASUSFILTER (ASUSFILTER) -> SysWow64\drivers\ASUSFILTER.sys S3 - AsyncMac (@%systemroot%\system32\rascfg.dll,-32000) -> system32\DRIVERS\asyncmac.sys S3 - AxInstSV (@%SystemRoot%\system32\AxInstSV.dll,-103) -> %SystemRoot%\system32\svchost.exe -k AxInstSVGroup S3 - b06bdrv (Broadcom NetXtreme II VBD) -> \SystemRoot\system32\DRIVERS\bxvbda.sys S3 - b57nd60a (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0) -> system32\DRIVERS\b57nd60a.sys S3 - BDESVC (@%SystemRoot%\system32\bdesvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R3 - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys S3 - BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) -> \SystemRoot\system32\DRIVERS\BrFiltLo.sys S3 - BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) -> \SystemRoot\system32\DRIVERS\BrFiltUp.sys R3 - Browser (@%systemroot%\system32\browser.dll,-100) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - Brserid (Brother MFC Serial Port Interface Driver (WDM)) -> \SystemRoot\System32\Drivers\Brserid.sys S3 - BrSerWdm (Brother WDM Serial driver) -> \SystemRoot\System32\Drivers\BrSerWdm.sys S3 - BrUsbMdm (Brother MFC USB Fax Only Modem) -> \SystemRoot\System32\Drivers\BrUsbMdm.sys S3 - BrUsbSer (Brother MFC USB Serial WDM Driver) -> \SystemRoot\System32\Drivers\BrUsbSer.sys S3 - BTHMODEM (Bluetooth Serial Communications Driver) -> \SystemRoot\system32\DRIVERS\bthmodem.sys S3 - bthserv (@%SystemRoot%\System32\bthserv.dll,-101) -> %SystemRoot%\system32\svchost.exe -k bthsvcs S3 - CertPropSvc (@%SystemRoot%\System32\certprop.dll,-11) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - circlass (Consumer IR Devices) -> \SystemRoot\system32\DRIVERS\circlass.sys S3 - CmBatt (Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\system32\DRIVERS\CmBatt.sys S3 - cmdide () -> \SystemRoot\system32\drivers\cmdide.sys S3 - Compbatt () -> \SystemRoot\system32\DRIVERS\compbatt.sys R3 - CompositeBus (Pilote de l’énumérateur de bus composite) -> \SystemRoot\system32\drivers\CompositeBus.sys S3 - COMSysApp (@comres.dll,-947) -> %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S3 - defragsvc (@%SystemRoot%\system32\defragsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k defragsvc S3 - dot3svc (@%systemroot%\system32\dot3svc.dll,-1102) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - drmkaud (Pilotes audio approuvés par Microsoft) -> system32\drivers\drmkaud.sys R3 - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys R3 - e1dexpress (Intel(R) PRO/1000 PCI Express Network Connection Driver D) -> system32\DRIVERS\e1d62x64.sys S3 - EapHost (@%systemroot%\system32\eapsvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - ebdrv (Broadcom NetXtreme II 10 GigE VBD) -> \SystemRoot\system32\DRIVERS\evbda.sys S3 - EFS (@%SystemRoot%\system32\efssvc.dll,-100) -> %SystemRoot%\System32\lsass.exe S3 - ehRecvr (@%SystemRoot%\ehome\ehrecvr.exe,-101) -> %systemroot%\ehome\ehRecvr.exe S3 - ehSched (@%SystemRoot%\ehome\ehsched.exe,-101) -> %systemroot%\ehome\ehsched.exe S3 - elxstor () -> \SystemRoot\system32\DRIVERS\elxstor.sys S3 - ErrDev (Pilote de périphérique d’erreur matérielle Microsoft) -> \SystemRoot\system32\drivers\errdev.sys S3 - exfat (exFAT File System Driver) -> (?) S3 - fastfat (FAT12/16/32 File System Driver) -> (?) S3 - Fax (@%systemroot%\system32\fxsresm.dll,-118) -> %systemroot%\system32\fxssvc.exe S3 - fdc (Floppy Disk Controller Driver) -> \SystemRoot\system32\DRIVERS\fdc.sys R3 - fdPHost (@%systemroot%\system32\fdPHost.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R3 - FDResPub (@%systemroot%\system32\fdrespub.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys S3 - flpydisk (Floppy Disk Driver) -> \SystemRoot\system32\DRIVERS\flpydisk.sys S3 - FontCache3.0.0.0 (@%SystemRoot%\system32\PresentationHost.exe,-3309) -> %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe S3 - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys S3 - gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> \SystemRoot\system32\DRIVERS\gagp30kx.sys S3 - gupdatem (Service Google Update (gupdatem)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc S3 - gusvc (Google Software Updater) -> "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" S3 - hcw85cir (Hauppauge Consumer Infrared Receiver) -> \SystemRoot\system32\drivers\hcw85cir.sys S3 - HdAudAddService (Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio) -> \SystemRoot\system32\drivers\HdAudio.sys R3 - HDAudBus (Pilote de bus UAA Microsoft pour High Definition Audio) -> \SystemRoot\system32\drivers\HDAudBus.sys S3 - HidBatt (HID UPS Battery Driver) -> \SystemRoot\system32\DRIVERS\HidBatt.sys S3 - HidBth (Microsoft Bluetooth HID Miniport) -> \SystemRoot\system32\DRIVERS\hidbth.sys S3 - HidIr (Microsoft Infrared HID Driver) -> \SystemRoot\system32\DRIVERS\hidir.sys R3 - hidserv (@%SystemRoot%\System32\hidserv.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - HidUsb (Pilote de classe HID Microsoft) -> \SystemRoot\system32\drivers\hidusb.sys S3 - hkmsvc (@%SystemRoot%\system32\kmsvc.dll,-6) -> %SystemRoot%\System32\svchost.exe -k netsvcs R3 - HomeGroupListener (@%SystemRoot%\System32\ListSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - HomeGroupProvider (@%SystemRoot%\System32\provsvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S3 - HpSAMD () -> \SystemRoot\system32\drivers\HpSAMD.sys R3 - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys S3 - i8042prt (Pilote pour clavier i8042 et souris sur port PS/2) -> \SystemRoot\system32\drivers\i8042prt.sys S3 - iaStorV (Contrôleur RAID Intel Windows 7) -> \SystemRoot\system32\drivers\iaStorV.sys S3 - ICCS (Intel(R) Integrated Clock Controller Service - Intel(R) ICCS) -> "C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe" S3 - idsvc (@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193) -> "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" S3 - iirsp () -> \SystemRoot\system32\DRIVERS\iirsp.sys S3 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R3 - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> system32\drivers\RTKVHD64.sys S3 - Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) -> "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" S3 - intelide () -> \SystemRoot\system32\drivers\intelide.sys R3 - intelppm (Pilote de processeur Intel) -> system32\DRIVERS\intelppm.sys S3 - IPBusEnum (@%systemroot%\system32\IPBusEnum.dll,-102) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - IpFilterDriver (@%systemroot%\system32\rascfg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys S3 - IPMIDRV () -> \SystemRoot\system32\drivers\IPMIDrv.sys S3 - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys S3 - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys S3 - isapnp () -> \SystemRoot\system32\drivers\isapnp.sys S3 - iScsiPrt (Pilote iScsiPort) -> \SystemRoot\system32\drivers\msiscsi.sys R3 - iusb3hub (Pilote de concentrateur Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hub.sys R3 - iusb3xhc (Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0) -> system32\DRIVERS\iusb3xhc.sys R3 - kbdclass (Pilote de la classe Clavier) -> \SystemRoot\system32\drivers\kbdclass.sys R3 - kbdhid (Pilote HID de clavier) -> \SystemRoot\system32\drivers\kbdhid.sys R3 - KeyIso (@keyiso.dll,-100) -> %SystemRoot%\system32\lsass.exe R3 - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys S3 - KtmRm (@comres.dll,-2946) -> %SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation S3 - lltdsvc (@%SystemRoot%\system32\lltdres.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - LSI_FC () -> \SystemRoot\system32\DRIVERS\lsi_fc.sys S3 - LSI_SAS () -> \SystemRoot\system32\DRIVERS\lsi_sas.sys S3 - LSI_SAS2 () -> \SystemRoot\system32\DRIVERS\lsi_sas2.sys S3 - LSI_SCSI () -> \SystemRoot\system32\DRIVERS\lsi_scsi.sys S3 - megasas () -> \SystemRoot\system32\DRIVERS\megasas.sys S3 - MegaSR () -> \SystemRoot\system32\DRIVERS\MegaSR.sys R3 - MEIx64 (Intel(R) Management Engine Interface) -> system32\DRIVERS\TeeDriverx64.sys S3 - Modem () -> system32\drivers\modem.sys R3 - monitor (Service Pilote de fonction de classe Moniteur Microsoft) -> system32\DRIVERS\monitor.sys R3 - mouclass (Pilote de la classe Souris) -> \SystemRoot\system32\drivers\mouclass.sys R3 - mouhid (Pilote HID de souris) -> system32\DRIVERS\mouhid.sys S3 - MozillaMaintenance (Mozilla Maintenance Service) -> "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" S3 - mpio (Pilote de bus à chemins d’accès multiples Microsoft) -> \SystemRoot\system32\drivers\mpio.sys R3 - mpsdrv (@%SystemRoot%\system32\FirewallAPI.dll,-23092) -> System32\drivers\mpsdrv.sys S3 - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys R3 - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys R3 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys R3 - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys S3 - msdsm (Module spécifique de périphériques à chemins d’accès multiples Microsoft) -> \SystemRoot\system32\drivers\msdsm.sys S3 - MSDTC (@comres.dll,-2797) -> %SystemRoot%\System32\msdtc.exe S3 - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys S3 - MSiSCSI (@%SystemRoot%\system32\iscsidsc.dll,-5000) -> %systemroot%\system32\svchost.exe -k netsvcs S3 - msiserver (@%SystemRoot%\system32\msimsg.dll,-27) -> %systemroot%\system32\msiexec.exe /V S3 - MSKSSRV (Proxy de service de répartition Microsoft) -> system32\drivers\MSKSSRV.sys S3 - MSPCLOCK (Proxy d'horloge de répartition Microsoft) -> system32\drivers\MSPCLOCK.sys S3 - MSPQM (Proxy de gestion de qualité de répartition Microsoft) -> system32\drivers\MSPQM.sys S3 - MsRPC () -> (?) S3 - MSTEE (Convertisseur en T/site-à-site de répartition Microsoft) -> system32\drivers\MSTEE.sys S3 - MTConfig (Microsoft Input Configuration Driver) -> \SystemRoot\system32\DRIVERS\MTConfig.sys S3 - napagent (@%SystemRoot%\system32\qagentrt.dll,-6) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - NativeWifiP (NativeWiFi Filter) -> system32\DRIVERS\nwifi.sys S3 - NdisCap (NDIS Capture LightWeight Filter) -> system32\DRIVERS\ndiscap.sys R3 - NdisTapi (@%systemroot%\system32\rascfg.dll,-32001) -> system32\DRIVERS\ndistapi.sys S3 - Ndisuio (NDIS Usermode I/O Protocol) -> system32\DRIVERS\ndisuio.sys R3 - NdisWan (@%systemroot%\system32\rascfg.dll,-32002) -> system32\DRIVERS\ndiswan.sys R3 - NDProxy (NDIS Proxy) -> (?) S3 - Netlogon (@%SystemRoot%\System32\netlogon.dll,-102) -> %systemroot%\system32\lsass.exe R3 - Netman (@%SystemRoot%\system32\netman.dll,-109) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - netprofm (@%SystemRoot%\system32\netprofm.dll,-202) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - nfrd960 () -> \SystemRoot\system32\DRIVERS\nfrd960.sys R3 - Ntfs () -> (?) R3 - NVHDA (Service for NVIDIA High Definition Audio Driver) -> system32\drivers\nvhda64v.sys R3 - nvlddmkm () -> system32\DRIVERS\nvlddmkm.sys S3 - nvraid () -> \SystemRoot\system32\drivers\nvraid.sys S3 - nvstor () -> \SystemRoot\system32\drivers\nvstor.sys R3 - NvStreamKms (NvStreamKms) -> \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys R3 - NvStreamNetworkSvc (NVIDIA Streamer Network Service) -> "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" R3 - nvvad_WaveExtensible (NVIDIA Virtual Audio Device (Wave Extensible) (WDM)) -> system32\drivers\nvvad64v.sys S3 - nv_agp (Filtre de bus NVIDIA nForce AGP) -> \SystemRoot\system32\drivers\nv_agp.sys S3 - ohci1394 (Contrôleur d’hôte compatible OHCI 1394 (hérité)) -> \SystemRoot\system32\drivers\ohci1394.sys R3 - p2pimsvc (@%SystemRoot%\system32\pnrpsvc.dll,-8004) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet R3 - p2psvc (@%SystemRoot%\system32\p2psvc.dll,-8006) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S3 - Parport (Parallel port driver) -> \SystemRoot\system32\DRIVERS\parport.sys S3 - pciide () -> \SystemRoot\system32\drivers\pciide.sys S3 - pcmcia () -> \SystemRoot\system32\DRIVERS\pcmcia.sys S3 - PeerDistSvc (@%SystemRoot%\system32\peerdistsvc.dll,-9000) -> %SystemRoot%\System32\svchost.exe -k PeerDist S3 - PerfHost (@%systemroot%\sysWow64\perfhost.exe,-2) -> %SystemRoot%\SysWow64\perfhost.exe S3 - pla (@%systemroot%\system32\pla.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork S3 - PNRPAutoReg (@%SystemRoot%\system32\pnrpauto.dll,-8002) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet R3 - PNRPsvc (@%SystemRoot%\system32\pnrpsvc.dll,-8000) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet R3 - PolicyAgent (@%SystemRoot%\System32\polstore.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted R3 - PptpMiniport (@%systemroot%\system32\rascfg.dll,-32006) -> system32\DRIVERS\raspptp.sys S3 - Processor (Processor Driver) -> \SystemRoot\system32\DRIVERS\processr.sys S3 - ProtectedStorage (@%systemroot%\system32\psbase.dll,-300) -> %SystemRoot%\system32\lsass.exe S3 - ql2300 () -> \SystemRoot\system32\DRIVERS\ql2300.sys S3 - ql40xx () -> \SystemRoot\system32\DRIVERS\ql40xx.sys S3 - QWAVE (@%SystemRoot%\system32\qwave.dll,-1) -> %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys S3 - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys R3 - RasAgileVpn (WAN Miniport (IKEv2)) -> system32\DRIVERS\AgileVpn.sys S3 - RasAuto (@%Systemroot%\system32\rasauto.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs R3 - Rasl2tp (@%systemroot%\system32\rascfg.dll,-32005) -> system32\DRIVERS\rasl2tp.sys S3 - RasMan (@%Systemroot%\system32\rasmans.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs R3 - RasPppoe (@%systemroot%\system32\rascfg.dll,-32007) -> system32\DRIVERS\raspppoe.sys R3 - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> system32\DRIVERS\rassstp.sys R3 - rdpbus (Remote Desktop Device Redirector Bus Driver) -> system32\DRIVERS\rdpbus.sys S3 - RDPDR (Terminal Server Device Redirector Driver) -> System32\drivers\rdpdr.sys S3 - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys S3 - RDPWD (RDP Winstation Driver) -> (?) S3 - RemoteRegistry (@regsvc.dll,-1) -> %SystemRoot%\system32\svchost.exe -k regsvc S3 - RpcLocator (@%systemroot%\system32\Locator.exe,-2) -> %SystemRoot%\system32\locator.exe S3 - s3cap () -> \SystemRoot\system32\drivers\vms3cap.sys S3 - sbp2port (Pilote de bus de transport/protocole SBP-2) -> \SystemRoot\system32\drivers\sbp2port.sys S3 - SCardSvr (@%SystemRoot%\System32\SCardSvr.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys S3 - SCPolicySvc (@%SystemRoot%\System32\certprop.dll,-13) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - SDRSVC (@%SystemRoot%\system32\sdrsvc.dll,-107) -> %SystemRoot%\system32\svchost.exe -k SDRSVC S3 - seclogon (@%SystemRoot%\system32\seclogon.dll,-7001) -> %windir%\system32\svchost.exe -k netsvcs S3 - SensrSvc (@%SystemRoot%\System32\sensrsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R3 - Serenum (Pilote de filtre Serenum) -> system32\DRIVERS\serenum.sys S3 - sermouse (Serial Mouse Driver) -> \SystemRoot\system32\DRIVERS\sermouse.sys S3 - SessionEnv (@%SystemRoot%\System32\SessEnv.dll,-1026) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - sffdisk (Pilote de classe de stockage SFF) -> \SystemRoot\system32\drivers\sffdisk.sys S3 - sffp_mmc (Pilote de protocole de stockage SFF pour MMC) -> \SystemRoot\system32\drivers\sffp_mmc.sys S3 - sffp_sd (Pilote de protocole de stockage SFF pour SDBus) -> \SystemRoot\system32\drivers\sffp_sd.sys S3 - sfloppy (High-Capacity Floppy Disk Drive) -> \SystemRoot\system32\DRIVERS\sfloppy.sys S3 - SiSRaid2 () -> \SystemRoot\system32\DRIVERS\SiSRaid2.sys S3 - SiSRaid4 () -> \SystemRoot\system32\DRIVERS\sisraid4.sys S3 - Smb (@%SystemRoot%\system32\tcpipcfg.dll,-50005) -> system32\DRIVERS\smb.sys S3 - SNMPTRAP (@%SystemRoot%\system32\snmptrap.exe,-3) -> %SystemRoot%\System32\snmptrap.exe R3 - sppuinotify (@%SystemRoot%\system32\sppuinotify.dll,-103) -> %SystemRoot%\system32\svchost.exe -k LocalService R3 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys R3 - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys R3 - srvnet () -> System32\DRIVERS\srvnet.sys R3 - SSDPSRV (@%systemroot%\system32\ssdpsrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - SstpSvc (@%SystemRoot%\system32\sstpsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - Steam Client Service (Steam Client Service) -> "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService S3 - stexstor () -> \SystemRoot\system32\DRIVERS\stexstor.sys S3 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc S3 - storvsc () -> \SystemRoot\system32\drivers\storvsc.sys R3 - swenum (Pilote de bus logiciel) -> \SystemRoot\system32\drivers\swenum.sys S3 - swprv (@%SystemRoot%\System32\swprv.dll,-103) -> %SystemRoot%\System32\svchost.exe -k swprv S3 - Synth3dVsc () -> System32\drivers\synth3dvsc.sys S3 - TabletInputService (@%SystemRoot%\system32\TabSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - TapiSrv (@%SystemRoot%\system32\tapisrv.dll,-10100) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - TBS (@%SystemRoot%\system32\tbssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation S3 - TCPIP6 (Microsoft IPv6 Protocol Driver) -> system32\DRIVERS\tcpip.sys S3 - TDPIPE (TDPIPE) -> system32\drivers\tdpipe.sys S3 - TDTCP (TDTCP) -> system32\drivers\tdtcp.sys S3 - TermService (@%SystemRoot%\System32\termsrv.dll,-268) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - THREADORDER (@%systemroot%\system32\mmcss.dll,-102) -> %SystemRoot%\system32\svchost.exe -k LocalService R3 - TrustedInstaller (@%SystemRoot%\servicing\TrustedInstaller.exe,-100) -> %SystemRoot%\servicing\TrustedInstaller.exe S3 - tssecsrv (@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101) -> System32\DRIVERS\tssecsrv.sys S3 - TsUsbFlt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1) -> System32\drivers\tsusbflt.sys S3 - tsusbhub (@%SystemRoot%\system32\drivers\tsusbhub.sys,-1) -> system32\drivers\tsusbhub.sys R3 - tunnel (Pilote de carte miniport Microsoft Tunnel) -> system32\DRIVERS\tunnel.sys S3 - uagp35 (Microsoft AGPv3.5 Filter) -> \SystemRoot\system32\DRIVERS\uagp35.sys S3 - UI0Detect (@%SystemRoot%\system32\ui0detect.exe,-101) -> %SystemRoot%\system32\UI0Detect.exe S3 - uliagpkx (Filtre de bus AGP Uli) -> \SystemRoot\system32\drivers\uliagpkx.sys R3 - umbus (Pilote d’énumérateur UMBus) -> \SystemRoot\system32\drivers\umbus.sys S3 - UmPass (Microsoft UMPass Driver) -> \SystemRoot\system32\DRIVERS\umpass.sys S3 - UmRdpService (@%SystemRoot%\system32\umrdp.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - upnphost (@%systemroot%\system32\upnphost.dll,-213) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R3 - usbccgp (Pilote parent générique USB Microsoft) -> \SystemRoot\system32\drivers\usbccgp.sys S3 - usbcir (Récepteur infrarouge eHome (USBCIR)) -> \SystemRoot\system32\drivers\usbcir.sys R3 - usbehci (Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0) -> \SystemRoot\system32\drivers\usbehci.sys R3 - usbhub (Pilote de concentrateur standard USB Microsoft) -> \SystemRoot\system32\drivers\usbhub.sys S3 - usbohci (Pilote miniport de contrôleur hôte ouvert USB Microsoft) -> \SystemRoot\system32\drivers\usbohci.sys S3 - usbprint (Microsoft USB PRINTER Class) -> \SystemRoot\system32\DRIVERS\usbprint.sys S3 - USBSTOR (Pilote de stockage de masse USB) -> \SystemRoot\system32\drivers\USBSTOR.SYS S3 - usbuhci (Pilote miniport de contrôleur hôte universel USB Microsoft) -> \SystemRoot\system32\drivers\usbuhci.sys S3 - VaultSvc (@%SystemRoot%\system32\vaultsvc.dll,-1003) -> %SystemRoot%\system32\lsass.exe S3 - vds (@%SystemRoot%\system32\vds.exe,-100) -> %SystemRoot%\System32\vds.exe S3 - vga () -> system32\DRIVERS\vgapnp.sys S3 - VGPU () -> System32\drivers\rdvgkmd.sys S3 - vhdmp () -> \SystemRoot\system32\drivers\vhdmp.sys S3 - viaide () -> \SystemRoot\system32\drivers\viaide.sys S3 - VMBusHID () -> \SystemRoot\system32\drivers\VMBusHID.sys S3 - vsmraid () -> \SystemRoot\system32\DRIVERS\vsmraid.sys S3 - VSS (@%systemroot%\system32\vssvc.exe,-102) -> %systemroot%\system32\vssvc.exe S3 - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys S3 - W32Time (@%SystemRoot%\system32\w32time.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - WacomPen (Wacom Serial Pen HID Driver) -> \SystemRoot\system32\DRIVERS\wacompen.sys S3 - WANARP (@%systemroot%\system32\rascfg.dll,-32011) -> system32\DRIVERS\wanarp.sys S3 - wbengine (@%systemroot%\system32\wbengine.exe,-104) -> "%systemroot%\system32\wbengine.exe" S3 - WbioSrvc (@%systemroot%\system32\wbiosrvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k WbioSvcGroup S3 - wcncsvc (@%SystemRoot%\system32\wcncsvc.dll,-3) -> %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation S3 - WcsPlugInService (@%SystemRoot%\system32\WcsPlugInService.dll,-200) -> %SystemRoot%\system32\svchost.exe -k wcssvc S3 - Wd () -> \SystemRoot\system32\DRIVERS\wd.sys R3 - WdiServiceHost (@%systemroot%\system32\wdi.dll,-502) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - WdiSystemHost (@%systemroot%\system32\wdi.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - WebClient (@%systemroot%\system32\webclnt.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - Wecsvc (@%SystemRoot%\system32\wecsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k NetworkService S3 - wercplsupport (@%SystemRoot%\System32\wercplsupport.dll,-101) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - WerSvc (@%SystemRoot%\System32\wersvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k WerSvcGroup S3 - WIMMount (WIMMount) -> system32\drivers\wimmount.sys S3 - WinHttpAutoProxySvc (@%SystemRoot%\system32\winhttp.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - WinRM (@%Systemroot%\system32\wsmsvc.dll,-101) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - Winsock () -> (?) S3 - Wlansvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - WmiAcpi (Microsoft Windows Management Interface for ACPI) -> \SystemRoot\system32\drivers\wmiacpi.sys S3 - wmiApSrv (@%Systemroot%\system32\wbem\wmiapsrv.exe,-110) -> %systemroot%\system32\wbem\WmiApSrv.exe S3 - WPCSvc (@%SystemRoot%\system32\wpcsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - WPDBusEnum (@%SystemRoot%\system32\wpdbusenum.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - WudfPf (User Mode Driver Frameworks Platform Driver) -> system32\drivers\WudfPf.sys S3 - wudfsvc (@%SystemRoot%\system32\wudfsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - WwanSvc (@%SystemRoot%\System32\wwansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork S4 - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys S4 - clr_optimization_v2.0.50727_32 (Microsoft .NET Framework NGEN v2.0.50727_X86) -> %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe S4 - clr_optimization_v2.0.50727_64 (Microsoft .NET Framework NGEN v2.0.50727_X64) -> %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe S4 - crcdisk (Crcdisk Filter Driver) -> \SystemRoot\system32\DRIVERS\crcdisk.sys R4 - IOMap (IOMap) -> \??\C:\Windows\system32\drivers\IOMap64.sys S4 - Mcx2Svc (@%SystemRoot%\ehome\ehres.dll,-15501) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S4 - NetMsmqActivator (@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195) -> "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator S4 - NetPipeActivator (@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe S4 - NetTcpActivator (@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe S4 - NetTcpPortSharing (@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8201) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe S4 - RemoteAccess (@%Systemroot%\system32\mprdim.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs S4 - SharedAccess (@%SystemRoot%\system32\ipnathlp.dll,-106) -> %SystemRoot%\System32\svchost.exe -k netsvcs S4 - udfs (udfs) -> system32\DRIVERS\udfs.sys S4 - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys ¤¤¤¤¤¤¤¤¤¤ | System files (Microsoft Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 22:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 23:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 23:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 01:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 01:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.6EC6D772EAE38DC17C14AED9B178D24B] - [22/06/2016 01:30:58] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 22:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.1142A21DB581A84EA5597B03A26EBAA0] - [22/06/2016 01:30:24] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 23:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 23:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.1694434F5B9AB16772C7A8E2EF9134CA] - [20/06/2016 00:07:41] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [36.77 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswHwid.sys [MD5.786E8BCDFF674068F3C950615FC2E71C] - [20/06/2016 00:11:52] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [36.27 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswKbd.sys [MD5.33D0DD0471FDF449C81338863FC63978] - [20/06/2016 00:07:43] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [105.27 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswMonFlt.sys [MD5.DF190688D993A3DB227BFB0BB40BD7D4] - [20/06/2016 00:07:39] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [100.65 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswRdr2.sys [MD5.D873455DFA27680585AE238503917DF5] - [20/06/2016 00:07:43] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [72.8 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswRvrt.sys [MD5.A371A06EC8F4830C263D3F5CA5A11B65] - [20/06/2016 00:07:36] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [1045.8 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswSnx.sys [MD5.6B7F6CE19A16240EE9DE2C528897ED9C] - [20/06/2016 00:07:47] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [454.88 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswSP.sys [MD5.3575F9226251DE48E065ED5C384A21EF] - [20/06/2016 00:07:52] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [162.53 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswStm.sys [MD5.BA4CDCD8C0395E91C38CD2C5CE3E7FA2] - [20/06/2016 00:07:52] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [280.79 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswVmm.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 22:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 03:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 03:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 03:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 03:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 03:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 03:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 22:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.7C1049B796EC0B4F969D898A041D1347] - [19/06/2016 20:42:56] - (.Copyright © Lueders/Winkler 2003-2014 - cFosSpeed Driver.) - [1897.89 Ko] - (9.5.2096.0) - C:\Windows\System32\Drivers\cfosspeed6.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 01:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.E2CA2BC3B16BDA6E6F80F54C88486877] - [19/06/2016 20:35:11] - (.© 2000-2013 Disc Soft Ltd. - DAEMON Tools Virtual Bus Driver.) - [276.43 Ko] - (5.5.0.386) - C:\Windows\System32\Drivers\dtsoftbus01.sys [MD5.CC2DE631888782989B27B775B09F6FCD] - [19/06/2016 19:45:34] - (.Copyright(C) 2013, Intel Corporation. - Intel(R) Gigabit Adapter NDIS 6.x driver.) - [483.27 Ko] - (12.10.30.0) - C:\Windows\System32\Drivers\e1d62x64.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 22:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 22:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [14/07/2009 00:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [22/06/2016 01:30:34] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.DC634219EB284728B6F25FBE78688A47] - [22/04/2013 02:06:34] - (.Copyright (C) 1998 - 2011 Intel Corporation. - NDIS 6.1 Advanced Networking Services..) - [159.57 Ko] - (9.8.49.0) - C:\Windows\System32\Drivers\iANSW60e.sys [MD5.57CD95DEB3529181BCC931DD2DFB2341] - [07/08/2013 14:23:46] - (.Copyright(C) Intel Corporation 1994-2013 - Intel Rapid Storage Technology driver - x64.) - [629.85 Ko] - (12.8.0.1016) - C:\Windows\System32\Drivers\iaStorA.sys [MD5.CE5CD8CBE940965867D507AB8EA2795A] - [07/08/2013 14:23:46] - (.Copyright(C) Intel Corporation 1994-2013 - Intel Rapid Storage Technology Filter driver - x64.) - [27.35 Ko] - (12.8.0.1016) - C:\Windows\System32\Drivers\iaStorF.sys [MD5.3DF4395A7CF8B7A72A5F4606366B8C2D] - [22/06/2016 01:30:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 23:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.73A40E29F61E5D142C8F42B28A351190] - [12/08/2013 12:50:00] - (.Copyright (C) 2002-2012 Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) - [32.83 Ko] - (1.3.0.6) - C:\Windows\System32\Drivers\iqvw64e.sys [MD5.78D369F8A81A341109FBA1DB64B4C512] - [19/06/2016 19:51:18] - (.(C) 2010-2013 Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) - [19.98 Ko] - (2.5.0.19) - C:\Windows\System32\Drivers\iusb3hcs.sys [MD5.5B632ABA038CE2E2D5D2D1115C6B26D1] - [19/06/2016 19:51:09] - (.(C) 2010-2013 Intel Corporation - Intel(R) USB 3.0 Hub Driver.) - [359.48 Ko] - (2.5.0.19) - C:\Windows\System32\Drivers\iusb3hub.sys [MD5.EA841584EF59528D11F20355770E427E] - [19/06/2016 19:51:10] - (.(C) 2010-2013 Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) - [767.98 Ko] - (2.5.0.19) - C:\Windows\System32\Drivers\iusb3xhc.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [22/06/2016 01:47:16] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\Windows\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [22/06/2016 01:47:17] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [22/06/2016 01:47:27] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 22:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 23:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.452ACB7A9914398D9E18CCCFFCF92208] - [22/06/2016 01:47:16] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.38 Ko] - (1.0.6.0) - C:\Windows\System32\Drivers\mwac.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 23:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.1F99AD85DC4F9E322CDE2363378CD374] - [19/06/2016 21:19:49] - (.(C) NVIDIA Corporation. - NVIDIA HDMI Audio Driver.) - [137.95 Ko] - (1.3.34.14) - C:\Windows\System32\Drivers\nvhda64v.sys [MD5.F1AD55BE455B70D8348C08EC891BA263] - [19/06/2016 21:19:49] - (.(C) 2016 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 368.39.) - [13145.05 Ko] - (10.18.13.6839) - C:\Windows\System32\Drivers\nvlddmkm.sys [MD5.5D9FD91F3D38DC9DA01E3CB5FA89CD48] - [22/06/2016 01:31:02] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.F7CD50FE7139F07E77DA8AC8033D1832] - [22/06/2016 01:31:07] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.F37FE6B15A987AEEC08EEF531F2FAED7] - [20/06/2016 01:20:34] - (.(C) NVIDIA Corporation. - NVIDIA Virtual Audio Driver.) - [55.06 Ko] - (1.2.40.0) - C:\Windows\System32\Drivers\nvvad64v.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 22:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 23:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.689F04285EF20E98B4F338AF7523A4C2] - [19/06/2016 19:28:16] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [3777.34 Ko] - (6.0.1.7179) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 04:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 22:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 23:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 23:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.E0EF6C1399A9B1AAA0B28590411BED04] - [19/06/2016 19:38:42] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [96.96 Ko] - (9.5.15.1730) - C:\Windows\System32\Drivers\TeeDriverx64.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [22/06/2016 01:36:20] - (.-.) - [27.61 Ko] - (2.0.2.0) - C:\Windows\System32\Drivers\TrueSight.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 01:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 22:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.FF5221C2E5D5CC82F93EB7C99DC2852F] - [19/06/2016 20:15:17] - (.Copyright (c) ASUSTek Computer Inc. - ASUS Charger driver.) - [14.5 Ko] - (5.2.3790.0) - C:\Windows\Syswow64\Drivers\AiCharger.sys [MD5.798DE15F187C1F013095BBBEB6FB6197] - [19/06/2016 20:16:04] - (.-.) - [14.88 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\AsIO.sys [MD5.1392B92179B07B672720763D9B1028A5] - [14/09/2012 04:06:23] - (.-.) - [14.13 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\AsUpIO.sys [MD5.A5E4CDB420540095D1293C874B5F89AA] - [20/09/2011 06:25:56] - (.Copyright (c) MCCI Corporation 1997-2011 - ASUS USB Hub filter driver.) - [45.07 Ko] - (5.28.10.0) - C:\Windows\Syswow64\Drivers\ASUSFILTER.sys [MD5.19166026A93206F9C6A8CD3A1F010AE4] - [02/04/2009 14:30:14] - (.-.) - [10.05 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\ASUSHWIO.SYS ¤¤¤¤¤¤¤¤¤¤ | Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\8B3D7924-ED89-486B-8322-E8594065D5CB_is1] : (RogueKiller version 12.-.Adlice Software) -> "C:\Program Files\RogueKiller\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID ASUS CPU-Z_is1] : (CPUID ASUS CPU-Z 1.69.-.CPUID, Inc.) -> "C:\Program Files\CPUID\ASUS CPU-Z\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PROSetDX] : (Intel(R) Network Connections 18.7.28.0.-.Intel) -> MsiExec.exe /i{594AEAFB-0822-4EA9-A5B8-309485A515EE} ARPREMOVE=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ROG GameFirst II] : (ROG GameFirst II v9.05.-.cFos Software GmbH, Bonn) -> "C:\Program Files\ASUS\ROG GameFirst II\setup.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 203770] : (Crusader Kings II.-.Paradox Development Studio) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/203770 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 246620] : (Plague Inc: Evolved.-.Ndemic Creations) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/246620 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 271240] : (Offworld Trading Company.-.Mohawk Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/271240 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.11.1] : (Vulkan Run Time Libraries 1.0.11.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.11.1\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0E2BE1E8-F087-45D6-8D29-5CB305643B78}] : (Sonic Radar.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{0E2BE1E8-F087-45D6-8D29-5CB305643B78} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{54F2237F-018C-483B-8884-9FC0D88840C3}] : (VC_CRT_x64.-.Intel Corporation) -> MsiExec.exe /I{54F2237F-018C-483B-8884-9FC0D88840C3} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{594AEAFB-0822-4EA9-A5B8-309485A515EE}] : (Intel(R) Network Connections 18.7.28.0.-.Intel) -> MsiExec.exe /i{594AEAFB-0822-4EA9-A5B8-309485A515EE} ARPREMOVE=1 [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{93F692D4-0C4D-4EED-9BFE-657C1D5959FE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 368.39.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 368.39.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 368.39.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 2.11.3.5.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 364.44.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.16.0318.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.11.3.5.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA GeForce Experience Service.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.34.14.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 2.11.3.5.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.40.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B5E06417-A4AC-4225-B36E-7E34C91616E7}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}] : (WinZip 20.5.-.WinZip Computing, S.L.) -> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C24105} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Pro] : (DAEMON Tools Pro.-.Disc Soft Ltd) -> C:\Program Files (x86)\DAEMON Tools Pro\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}] : (ASUS GPU TweakII.-.ASUSTek COMPUTER INC.) -> C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43} /l1036 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 47.0 (x86 fr)] : (Mozilla Firefox 47.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.48.2066.101] : (SafeZone Stable 1.48.2066.101.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ZHPFix_is1] : (ZHPFix 2015.-.Nicolas Coolman) -> "C:\Program Files (x86)\ZHPFix\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}] : (ASUS GPU TweakII.-.ASUSTek COMPUTER INC.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{015CFA5F-1377-48B2-84DB-F4D3DE8EBAF7}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{015CFA5F-1377-48B2-84DB-F4D3DE8EBAF7}\Setup.exe" -l0x9 [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> "C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_F3B2E431EE169D71.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}] : (Intel(R) USB 3.0 eXtensible Host Controller Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B40EADF-CA1B-423A-A110-89DA90679788}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7B40EADF-CA1B-423A-A110-89DA90679788}\Setup.exe" -l0x9 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7FB64E72-9B0E-4460-A821-040C341E414A}] : (ASUS Ai Charger.-.ASUSTeK Computer Inc.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7FB64E72-9B0E-4460-A821-040C341E414A}\setup.exe" -l0x9 [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824184103}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824184103} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}] : (Adobe Reader X (10.1.16) MUI.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF8D8D0D-1262-4368-895E-44DA5632CD7B}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AF8D8D0D-1262-4368-895E-44DA5632CD7B}\Setup.exe" -l0x9 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C0FEE440-FA2F-4C0D-B64C-35F1D4B7A009}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C0FEE440-FA2F-4C0D-B64C-35F1D4B7A009}\Setup.exe" -l0x9 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C740780B-F589-481C-8F59-A32735DEFCFF}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C740780B-F589-481C-8F59-A32735DEFCFF}\Setup.exe" -l0x9 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}] : (ASUS Product Register Program.-.ASUSTek Computer Inc.) -> MsiExec.exe /I{C87D79F6-F813-4812-B7A9-CCCAAB8B1188} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}] : (AI Suite 3.-.ASUSTeK Computer Inc.) -> "C:\ProgramData\ASUS\AI Suite III\Setup.exe" -u [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly ¤¤¤¤¤¤¤¤¤¤ | Ports ¤¤¤¤¤¤¤¤¤¤ | CLSID [HKCR\CLSID\{0D68D6D0-D93D-4D08-A30D-F00DD1F45B24}] - (.License: MPL 2 -.) - C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll [21/06/2016 01:45:14] [HKCR\CLSID\{11111155-852c-48b9-8d43-61e5455392d3}] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - C:\Windows\SysWOW64\RTCOM\MaxxSpeechAPO.dll [19/06/2016 19:28:02] [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{230B2221-299A-491F-87DF-D70B29153EE2}] - (.TODO: (c) . - TODO: .) - C:\Program Files (x86)\ASUS\GPU TweakII\ChartEx.ocx [23/07/2015 10:49:26] [HKCR\CLSID\{273C813F-46B0-4D2D-B522-73CB5D1C372A}] - (.© 2000-2013 Disc Soft Ltd. - DT Gadget library.) - C:\Program Files (x86)\DAEMON Tools Pro\DTGadget32.dll [13/03/2014 11:30:50] [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}] - (.© 2000-2013 Disc Soft Ltd. - DAEMON Tools Pro.) - C:\Program Files (x86)\DAEMON Tools Pro\DTShl32.dll [13/03/2014 11:30:12] [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{3037B4CD-A40B-401B-B676-2017EE8FAFF4}] - (.-.) - "C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll" [HKCR\CLSID\{32714800-2E5F-11d0-8B85-00AA0044F941}] - (.-.) - %ProgramFiles(x86)%\Windows Mail\wabfind.dll [HKCR\CLSID\{343D770D-7788-47c2-B62A-B7C4CED925CB}] - (.-.) - C:\Windows\SysWOW64\wpcmig.dll [HKCR\CLSID\{34c219bd-85c1-4338-95e8-788a36901dc2}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{40966797-8FFE-46C8-9EF8-7003F33CCF0F}] - (.© 2000-2013 Disc Soft Ltd. - DAEMON Tools Pro.) - C:\Program Files (x86)\DAEMON Tools Pro\DTShl32.dll [13/03/2014 11:30:12] [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{417BAB8B-9D22-4A88-9DA0-98C4AB6745D5}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll [HKCR\CLSID\{46F8ADC5-0EA1-49d7-9657-56A50133CD42}] - (.© 2000-2013 Disc Soft Ltd. - DT Gadget library.) - C:\Program Files (x86)\DAEMON Tools Pro\DTGadget32.dll [13/03/2014 11:30:50] [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{6047F837-D527-467E-9DC1-6D51F92D9E45}] - (.-.) - "C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll" [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{A5415364-784A-41A5-B47A-D452909CA8FF}] - (.© 2000-2013 Disc Soft Ltd. - DAEMON Tools Pro.) - C:\Program Files (x86)\DAEMON Tools Pro\DTShl32.dll [13/03/2014 11:30:12] [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{AFAECC67-29E9-4FB9-AAA5-E41B66E7308D}] - (.TODO: (c) . - TODO: .) - C:\Program Files (x86)\ASUS\GPU TweakII\ChartEx.ocx [23/07/2015 10:49:26] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{CE8A3669-40C7-4F4E-9B9B-AA3DD10DAC10}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.21.169\psmachine.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{D2F3AF5C-E1DD-4AF1-B888-9CC05B0FB1E6}] - (.TODO: (c) . - TODO: .) - C:\Program Files (x86)\ASUS\GPU TweakII\FeedbackChart.ocx [15/05/2015 14:33:00] [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{DAA92564-78C8-40A3-96D2-9115A76B8F29}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{DFA14C43-F385-4170-99CC-1B7765FA0E4A}] - (.-.) - C:\Windows\SysWOW64\wpcumi.dll [HKCR\CLSID\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}] - (.-.) - %ProgramFiles(x86)%\Windows NT\TableTextService\TableTextService.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{EC5229FE-89DC-4C4B-BEAA-CFF98D26DCA2}] - (.TODO: (c) . - TODO: .) - C:\Program Files (x86)\ASUS\GPU TweakII\FeedbackChart.ocx [15/05/2015 14:33:00] [HKCR\CLSID\{FABD6EA5-AE10-4E7A-B83B-5F07ACC84214}] - (.-.) - %windir%\System32\wpdwcn.dll ¤¤¤¤¤¤¤¤¤¤ | Listing No Microsoft signed files | system32 (Not necessary Malwares) [MD5.D41D8CD98F00B204E9800998ECF8427E] - |D| - [14/07/2009 06:45:49] - (.-.) - [16.45 Ko] - (0.0.0.0) - C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |D| - [14/07/2009 06:45:49] - (.-.) - [16.45 Ko] - (0.0.0.0) - C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - |D| - [19/06/2016 19:27:36] - (.-.) - [107.27 Ko] - (0.0.0.0) - C:\Windows\system32\AcpiServiceVnA64.dll [MD5.7E8152C231FF349CEEEB12146D90E952] - |D| - [20/06/2016 00:07:15] - (.Copyright (c) 2014 AVAST Software - avast! start-up scanner.) - [388.82 Ko] - (11.2.2738.0) - C:\Windows\system32\aswBoot.exe [MD5.2D0895BED270D1A8CADD981A5BFC0AE5] - |D| - [19/06/2016 19:28:21] - (.-.) - [591.3 Ko] - (0.0.0.0) - C:\Windows\system32\audioLibVc.dll [MD5.22D9945B4AAE36DD59620A918F2E65F4] - |D| - [10/06/2009 23:06:00] - (.-.) - [3096 Ko] - (0.0.0.0) - C:\Windows\system32\boot.sdi [MD5.405E1EF8E3C88E9BCD2853382BB12430] - |D| - [10/06/2009 22:48:31] - (.-.) - [22.45 Ko] - (0.0.0.0) - C:\Windows\system32\bopomofo.uce [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |D| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\system32\brcoinst.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |D| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\system32\BthpanContextHandler.dll [MD5.718B2F97951B3A5F2968E91DE7DE74E5] - |D| - [14/07/2009 01:57:57] - (.Copyright (C) 2008 - Application ContextH.) - [67.5 Ko] - (1.0.0.1) - C:\Windows\system32\BWContextHandler.dll [MD5.6E14F444A2506049EEC25CB5EDFE0905] - |D| - [19/06/2016 19:27:37] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [110.91 Ko] - (1.0.0.4) - C:\Windows\system32\CONEQMSAPOGUILibrary.dll [MD5.82DF29C6D5571BFA69429563F0AED677] - |D| - [19/06/2016 19:27:37] - (.©2013 Dolby Laboratories. - Dolby Digital Plus API x86.) - [254.17 Ko] - (7.5.1.1) - C:\Windows\system32\DDPA64.dll [MD5.FAC24F4CC63235D9533DD6605E5EE6F0] - |D| - [19/06/2016 19:27:37] - (.©2013 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1893.17 Ko] - (7.5.1.1) - C:\Windows\system32\DDPD64A.dll [MD5.A1C8F811777EFA1B6BD82B226016CF2D] - |D| - [19/06/2016 19:27:37] - (.©2013 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [306.17 Ko] - (7.5.1.1) - C:\Windows\system32\DDPO64A.dll [MD5.B827E0AE582ACD641F0B2B052773A5CA] - |D| - [19/06/2016 19:27:37] - (.©2012 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6072.17 Ko] - (7.5.1.1) - C:\Windows\system32\DDPP64A.dll [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |D| - [14/07/2009 06:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\system32\desktop.ini [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - |D| - [14/07/2009 04:34:42] - (.-.) - [210.88 Ko] - (0.0.0.0) - C:\Windows\system32\dssec.dat [MD5.8B5A737AD11EF45D9B1AEB4ED6884968] - |D| - [19/06/2016 19:27:39] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [711.6 Ko] - (1.0.0.1) - C:\Windows\system32\DTSBassEnhancementDLL64.dll [MD5.21B38D4D86A87909491F690883AE6D1E] - |D| - [19/06/2016 19:27:39] - (.(c) DTS. - DTS Boost COM DLL.) - [1452.1 Ko] - (1.0.0.1) - C:\Windows\system32\DTSBoostDLL64.dll [MD5.FF31A2F57AAAB58DB78FCC961A58B206] - |D| - [19/06/2016 19:27:39] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [418.6 Ko] - (1.0.0.1) - C:\Windows\system32\DTSGainCompensatorDLL64.dll [MD5.BC0474E5476E5EA0D0E1AA5AC41E2061] - |D| - [19/06/2016 19:27:39] - (.(c) DTS. - DTS GFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\Windows\system32\DTSGFXAPO64.dll [MD5.3B8FB5376F5431C0101747D5138BCB9B] - |D| - [19/06/2016 19:27:39] - (.(c) DTS. - DTS GFX APO.) - [236.1 Ko] - (1.0.0.3) - C:\Windows\system32\DTSGFXAPONS64.dll [MD5.B3977C8BA77559F4F8752AE8EB724C87] - |D| - [19/06/2016 19:27:39] - (.(c) DTS. - DTS LFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\Windows\system32\DTSLFXAPO64.dll [MD5.192A03A21636D3775CEE4C049C3BEB2A] - |D| - [19/06/2016 19:27:39] - (.(c) DTS. - DTS Limiter COM DLL.) - [422.6 Ko] - (1.0.0.1) - C:\Windows\system32\DTSLimiterDLL64.dll [MD5.2EF5442E8E7ED20F7634EEFB09640C8F] - |D| - [19/06/2016 19:27:40] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [479.6 Ko] - (1.0.0.1) - C:\Windows\system32\DTSNeoPCDLL64.dll [MD5.F7C357462077156DC211AC2112FC8C53] - |D| - [19/06/2016 19:27:40] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1531.6 Ko] - (1.0.0.1) - C:\Windows\system32\DTSS2HeadphoneDLL64.dll [MD5.F132C08BD8C58579B400DFAA71F34CFB] - |D| - [19/06/2016 19:27:40] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1715.1 Ko] - (1.0.0.1) - C:\Windows\system32\DTSS2SpeakerDLL64.dll [MD5.9948969B2C1987B1D64789EFEB284A84] - |D| - [19/06/2016 19:27:40] - (.(c) DTS. - DTS Symmetry COM DLL.) - [695.6 Ko] - (1.0.0.1) - C:\Windows\system32\DTSSymmetryDLL64.dll [MD5.37B8A8089ECED77F6CEAF74917C5D12B] - |D| - [19/06/2016 19:27:40] - (.(c) DTS. - DTS GFX APO.) - [475.94 Ko] - (2.1.1.0) - C:\Windows\system32\DTSU2PGFX64.dll [MD5.8AE860D92752CFA136979B1FF797FFDC] - |D| - [19/06/2016 19:27:41] - (.(c) DTS. - DTS LFX APO.) - [489.44 Ko] - (2.1.1.0) - C:\Windows\system32\DTSU2PLFX64.dll [MD5.A9B98F96FBE514ADEABD20B2BD132172] - |D| - [19/06/2016 19:27:41] - (.(c) DTS. - DTS LFX APO.) - [405.94 Ko] - (2.1.1.0) - C:\Windows\system32\DTSU2PREC64.dll [MD5.DE32448E6B40141C80DAABFF6FBE1744] - |D| - [19/06/2016 19:27:41] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [677.1 Ko] - (1.0.0.1) - C:\Windows\system32\DTSVoiceClarityDLL64.dll [MD5.CF19E5E7A3D0673EF3FD3E1FEC1BE995] - |D| - [19/06/2016 19:45:34] - (.-.) - [3.04 Ko] - (0.0.0.0) - C:\Windows\system32\e1d62x64.din [MD5.0A05D6A4DE27C77D924F89635987FDA9] - |D| - [13/07/2009 23:36:47] - (.-.) - [17.51 Ko] - (0.0.0.0) - C:\Windows\system32\EventViewer_EventDetails.xsl [MD5.B20FCEA2E7EEDD52794E570FD1496EA0] - |D| - [14/07/2009 06:45:34] - (.-.) - [268.03 Ko] - (0.0.0.0) - C:\Windows\system32\FNTCACHE.DAT [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |D| - [10/06/2009 22:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\system32\gatherNetworkInfo.vbs [MD5.4FDED87068052EEB9B72A97FDBC141DB] - |D| - [14/07/2009 01:56:51] - (.-.) - [23.44 Ko] - (0.0.0.0) - C:\Windows\system32\gb2312.uce [MD5.ECD81B99477AB4A93D7838EB40B870D0] - |D| - [14/07/2009 04:34:28] - (.-.) - [8.59 Ko] - (0.0.0.0) - C:\Windows\system32\icrav03.rat [MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - |D| - [14/07/2009 01:56:51] - (.-.) - [59.04 Ko] - (0.0.0.0) - C:\Windows\system32\ideograf.uce [MD5.CB4460E979667135FFA8F9293508C47E] - |D| - [14/07/2009 01:01:52] - (.-.) - [70.26 Ko] - (0.0.0.0) - C:\Windows\system32\ieuinit.inf [MD5.6F7D1601DA55BBE5C7A79E01E236D7B9] - |D| - [19/06/2016 19:27:47] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [589.83 Ko] - (4.1105.6000.53) - C:\Windows\system32\KAAPORT64.dll [MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - |D| - [14/07/2009 01:56:51] - (.-.) - [6.79 Ko] - (0.0.0.0) - C:\Windows\system32\kanji_1.uce [MD5.529BBD63519BBD654EF328454019693F] - |D| - [14/07/2009 01:56:51] - (.-.) - [8.29 Ko] - (0.0.0.0) - C:\Windows\system32\kanji_2.uce [MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - |D| - [14/07/2009 01:56:51] - (.-.) - [12.57 Ko] - (0.0.0.0) - C:\Windows\system32\korean.uce [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |D| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\system32\korwbrkr.lex [MD5.5046E55184021406C27E8D48A1B2C9D2] - |D| - [14/07/2009 02:22:31] - (.Copyright © 1996-1999 Fraunhofer Institut Integrierte Schaltungen IIS - MPEG Layer-3 Audio Codec for MSACM.) - [79.5 Ko] - (1.9.0.401) - C:\Windows\system32\l3codeca.acm [MD5.3F209D551A39797CF5F47E2D5B683ADA] - |D| - [14/07/2009 02:23:57] - (.Copyright © 2004 Fraunhofer IIS - MPEG Audio Layer-3 Codec for MSACM.) - [178 Ko] - (3.4.0.0) - C:\Windows\system32\l3codecp.acm [MD5.531FE5A2634D87A078017259F21D9736] - |D| - [10/06/2009 23:01:55] - (.-.) - [206.97 Ko] - (0.0.0.0) - C:\Windows\system32\lcphrase.tbl [MD5.D3C85593F8C4576FCF9B42AC48CA4368] - |D| - [13/07/2009 23:25:31] - (.-.) - [23.55 Ko] - (0.0.0.0) - C:\Windows\system32\lcptr.tbl [MD5.3719925D74965A5D76124602F7E2541F] - |D| - [14/07/2009 07:01:34] - (.-.) - [53.68 Ko] - (0.0.0.0) - C:\Windows\system32\license.rtf [MD5.EA63CC5BCAE1631C6DA5ACE9299BABB6] - |D| - [10/06/2009 22:31:50] - (.-.) - [2.66 Ko] - (0.0.0.0) - C:\Windows\system32\locationnotificationsview.xml [MD5.7A495CA1402C2F9F5D035092AD808669] - |D| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\system32\manage-bde.wsf [MD5.75616F8DB5C092A8A50AFEC273859DD7] - |D| - [19/06/2016 19:27:49] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\Windows\system32\MaxxAudioAPO20.dll [MD5.06080807E61471A18AD99F3E6FF3C9B5] - |D| - [19/06/2016 19:27:49] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [647.75 Ko] - (3.6.0.0) - C:\Windows\system32\MaxxAudioAPO30.dll [MD5.F6CEC11F21748F73B41DC5B15F8680C5] - |D| - [19/06/2016 19:27:49] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1386.11 Ko] - (4.5.2.0) - C:\Windows\system32\MaxxAudioAPO4064.dll [MD5.2EDD56DF9AF0EE999D0262FA910F033B] - |D| - [19/06/2016 19:27:49] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1386.11 Ko] - (5.4.9.0) - C:\Windows\system32\MaxxAudioAPO5064.dll [MD5.CFD0F926ADB979605FDEC148741DB2F7] - |D| - [19/06/2016 19:27:50] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [2265.59 Ko] - (6.0.10.0) - C:\Windows\system32\MaxxAudioAPO6064.dll [MD5.5569CE8D7A4E362EC68F8C1DD8AEB3C5] - |D| - [19/06/2016 19:27:50] - (.Copyright (C) 2010-2014 - MaxxAudio APO Shell.) - [1009.09 Ko] - (4.14.6.0) - C:\Windows\system32\MaxxAudioAPOShell64.dll [MD5.E66E3CB8375C8F03E68C7488D3833FE8] - |D| - [19/06/2016 19:27:51] - (.Copyright © 1996-2012 -.) - [1989.59 Ko] - (4.1.0.0) - C:\Windows\system32\MaxxAudioEQ64.dll [MD5.E7AFD2E336ACD9E28CAE71437BA48FE8] - |D| - [19/06/2016 19:27:52] - (.- Waves Realtek App.) - [1887.59 Ko] - (5.2.18.0) - C:\Windows\system32\MaxxAudioRealtek264.dll [MD5.3F33275C54D601C38078A01FBB78D5DE] - |D| - [19/06/2016 19:27:53] - (.Copyright © 1996-2014 -.) - [14392.09 Ko] - (4.5.3.0) - C:\Windows\system32\MaxxAudioRealtek64.dll [MD5.14434CB334AEBFABF024EA2B8F098A48] - |D| - [19/06/2016 19:27:56] - (.Copyright © 1996-2014 -.) - [27646.59 Ko] - (1.7.7.0) - C:\Windows\system32\MaxxAudioVnA64.dll [MD5.0E1582F11CA0E417BC7AE6D1B83F4B5E] - |D| - [19/06/2016 19:28:01] - (.Copyright © 1996-2014 -.) - [3831.09 Ko] - (1.4.3.0) - C:\Windows\system32\MaxxAudioVnN64.dll [MD5.581778867AEB80C4366057B3DE1DC4D0] - |D| - [19/06/2016 19:28:02] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - [1283.11 Ko] - (1.1.4.0) - C:\Windows\system32\MaxxSpeechAPO64.dll [MD5.6697E2E2A7AA44BC03E3C953E641EBE6] - |D| - [19/06/2016 19:28:02] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [916.61 Ko] - (2.4.4.0) - C:\Windows\system32\MaxxVoiceAPO2064.dll [MD5.9318BDE606B6BD1FBC9264D28F7E259C] - |D| - [19/06/2016 19:28:02] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12494.09 Ko] - (3.0.7.0) - C:\Windows\system32\MaxxVoiceAPO3064.dll [MD5.587A8CF457604D84266FF858CEB60223] - |D| - [19/06/2016 19:28:05] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [647.25 Ko] - (3.6.0.0) - C:\Windows\system32\MaxxVolumeSDAPO.dll [MD5.39E801545FFF6230C80140E0F8A06629] - |D| - [14/07/2009 06:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\system32\migwiz.lnk [MD5.ED434A3EBE29070A7E0138C42482EB93] - |D| - [10/06/2009 22:44:02] - (.-.) - [657.31 Ko] - (0.0.0.0) - C:\Windows\system32\mlang.dat [MD5.F43841270CEEF8CC08B545ABB56FDF56] - |D| - [19/06/2016 19:28:05] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5617.26 Ko] - (6.3.9600.16384) - C:\Windows\system32\NAHIMICAPOlfx.dll [MD5.8CFB497C0C8F70132A4F678E848241B2] - |D| - [19/06/2016 19:28:05] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [920.3 Ko] - (1.0.0.14866) - C:\Windows\system32\NAHIMICAPOSettingsIPC.dll [MD5.86166DAA04A6C154826508304CC6D4AC] - |D| - [10/06/2009 22:35:23] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\system32\NdfEventView.xml [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |D| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\system32\NetTrace.PLA.Diagnostics.xml [MD5.5A34DB0802A96719F9DC08DFC7F356D1] - |D| - [14/07/2009 04:35:50] - (.-.) - [1.66 Ko] - (0.0.0.0) - C:\Windows\system32\NOISE.CHS [MD5.6C114885CC2C983BA24F9A4EDE9A48FA] - |D| - [14/07/2009 04:35:50] - (.-.) - [1.66 Ko] - (0.0.0.0) - C:\Windows\system32\NOISE.CHT [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - |D| - [14/07/2009 04:35:51] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\Windows\system32\NOISE.DAT [MD5.C04D36BBEF5B9BAA8D8DA0B57F22BE20] - |D| - [10/06/2009 22:49:51] - (.-.) - [2.01 Ko] - (0.0.0.0) - C:\Windows\system32\noise.jpn [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |D| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\system32\noise.kor [MD5.BDD9B70A185CA6DEFEAA59BB55B70644] - |D| - [14/07/2009 04:35:51] - (.-.) - [0.68 Ko] - (0.0.0.0) - C:\Windows\system32\NOISE.THA [MD5.78B1DD0BE630C276E98347088A76CE30] - |D| - [19/06/2016 21:19:49] - (.-.) - [0.58 Ko] - (0.0.0.0) - C:\Windows\system32\nv-vk64.json [MD5.34A4698BB1C2E37302E82B08E03FA944] - |D| - [19/06/2016 21:19:49] - (.-.) - [39042.55 Ko] - (0.0.0.0) - C:\Windows\system32\nvcompiler.dll [MD5.05F9BC4F2B01B2948184A0BEE70B38C0] - |D| - [19/06/2016 20:50:22] - (.-.) - [6301.71 Ko] - (0.0.0.0) - C:\Windows\system32\nvcoproc.bin [MD5.86A698106F3C3426ADD58220FAC4D55C] - |D| - [19/06/2016 21:19:49] - (.-.) - [654.25 Ko] - (0.0.0.0) - C:\Windows\system32\nvfatbinaryLoader.dll [MD5.4F153F9409A90986E89C73A6B30202A1] - |D| - [19/06/2016 20:49:56] - (.-.) - [38.21 Ko] - (0.0.0.0) - C:\Windows\system32\nvinfo.pb [MD5.EB30793E77717F6F924F36EA6213CCEF] - |D| - [19/06/2016 21:19:49] - (.-.) - [10393.79 Ko] - (0.0.0.0) - C:\Windows\system32\nvptxJitCompiler.dll [MD5.B537BF43DB70CB9B316BEC73A59AED9F] - |D| - [20/06/2016 01:20:57] - (.-.) - [109.41 Ko] - (0.0.0.0) - C:\Windows\system32\NvRtmpStreamer64.dll [MD5.5D27362AF3BCAA75A418F5416A35934E] - |D| - [14/07/2009 01:14:22] - (.-.) - [0.26 Ko] - (0.0.0.0) - C:\Windows\system32\odbcconf.rsp [MD5.2901049544FDF863362FABA2363EB647] - |D| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\system32\onlinesetup.cmd [MD5.14FBACFCBDED3728E7F7AAA327E9AE4C] - |D| - [19/06/2016 20:50:17] - (.Copyright © The Khronos Group Inc 2011 - OpenCL Client DLL.) - [110.32 Ko] - (1.2.11.0) - C:\Windows\system32\OpenCL.dll [MD5.A029A434A3035429628CA35102FFB907] - |D| - [14/07/2009 01:16:33] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\system32\pcl.sep [MD5.8E5D6D717EB79DE29C9F2E42776FE000] - |D| - [14/07/2009 04:36:59] - (.-.) - [118.56 Ko] - (0.0.0.0) - C:\Windows\system32\perfc009.dat [MD5.E6D09EBCDBB8FA5FF4A3448C57FFBFAC] - |D| - [20/06/2016 04:53:54] - (.-.) - [145.62 Ko] - (0.0.0.0) - C:\Windows\system32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |D| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\system32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |D| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\system32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |D| - [20/06/2016 04:53:54] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\system32\perfd00C.dat [MD5.E18725E1FA11FDA933CD87463090BDAC] - |D| - [14/07/2009 04:36:59] - (.-.) - [637.67 Ko] - (0.0.0.0) - C:\Windows\system32\perfh009.dat [MD5.3453E9A0C1E3D5BAFEC5065CDD786817] - |D| - [20/06/2016 04:53:54] - (.-.) - [728.61 Ko] - (0.0.0.0) - C:\Windows\system32\perfh00C.dat [MD5.AB76709C0894625049D54DA8ED82D7FB] - |D| - [14/07/2009 07:13:15] - (.-.) - [1626.11 Ko] - (0.0.0.0) - C:\Windows\system32\PerfStringBackup.INI [MD5.E0CC2789C9BDED18253C0FD624840056] - |D| - [14/07/2009 02:40:54] - (.Copyright (C) 2001 - Application PrintBrm.) - [70 Ko] - (1.0.0.0) - C:\Windows\system32\PrintBrmUi.exe [MD5.C09741B9886EF0D15EC3B1443352FB62] - |D| - [14/07/2009 01:16:33] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\system32\pscript.sep [MD5.8882AD10853E45402CABD3BAF48A7EFC] - |D| - [19/06/2016 19:28:06] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [121.27 Ko] - (7.2.8000.17) - C:\Windows\system32\R4EEA64A.dll [MD5.0B5EF50E26CFD1E7BF01E32E053532B2] - |D| - [19/06/2016 19:28:06] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [424.77 Ko] - (7.2.8000.17) - C:\Windows\system32\R4EED64A.dll [MD5.01096663377134C41D618AF0E53A953E] - |D| - [19/06/2016 19:28:06] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [73.27 Ko] - (7.2.8000.17) - C:\Windows\system32\R4EEG64A.dll [MD5.D0EB28022A91A5C084E8A7DEBB08D8D2] - |D| - [19/06/2016 19:28:06] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [138.27 Ko] - (7.2.8000.17) - C:\Windows\system32\R4EEL64A.dll [MD5.03625A179B27362D3A90E3331AEBE95E] - |D| - [19/06/2016 19:28:06] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [6996.27 Ko] - (7.2.8000.17) - C:\Windows\system32\R4EEP64A.dll [MD5.C236A8735A48B165A2A7724357DBE332] - |D| - [22/06/2016 01:29:01] - (.-.) - [103.08 Ko] - (0.0.0.0) - C:\Windows\system32\RacRules.xml [MD5.3A77C18665A4C8428768CE186A5BC1EF] - |D| - [10/06/2009 22:59:55] - (.-.) - [1.78 Ko] - (0.0.0.0) - C:\Windows\system32\rasctrnm.h [MD5.53FDA4AF81E7C4895357A50E848B7CFE] - |D| - [22/06/2016 01:31:28] - (.Copyright (C) 2009 - RemoteFX Helper.) - [93.5 Ko] - (1.1.0.0) - C:\Windows\system32\RDVGHelper.exe [MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - |D| - [13/07/2009 23:18:33] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\system32\RestartManager.mof [MD5.3F75A221A01F68D6CE67FE99A868BD8F] - |D| - [13/07/2009 23:18:33] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\Windows\system32\RestartManagerUninstall.mof [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |D| - [19/06/2016 19:28:15] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\system32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |D| - [19/06/2016 19:28:15] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\system32\RP3DHT64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |D| - [19/06/2016 19:28:16] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\Windows\system32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |D| - [19/06/2016 19:28:16] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\Windows\system32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |D| - [19/06/2016 19:28:16] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\Windows\system32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |D| - [19/06/2016 19:28:16] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\Windows\system32\RTEEP64A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |D| - [22/06/2016 01:29:28] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\system32\ScavengeSpace.xml [MD5.8C3D0C73A0850A0EE62DF9EC36DBDE80] - |D| - [19/06/2016 19:46:15] - (.-.) - [1.86 Ko] - (0.0.0.0) - C:\Windows\system32\SetupBD.din [MD5.17ABCAD44A75C635583A238ED6333357] - |D| - [19/06/2016 19:28:19] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [76.84 Ko] - (3.0.0.16) - C:\Windows\system32\SFAPO64.dll [MD5.2C25AF115BDDC05D9A84D26227A08E63] - |D| - [19/06/2016 19:28:19] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [79.34 Ko] - (3.0.0.16) - C:\Windows\system32\SFCOM64.dll [MD5.7B3E9344FB43D799C6462227A0E65877] - |D| - [19/06/2016 19:28:19] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [215.84 Ko] - (3.0.0.16) - C:\Windows\system32\SFNHK64.dll [MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - |D| - [14/07/2009 01:56:51] - (.-.) - [16.35 Ko] - (0.0.0.0) - C:\Windows\system32\ShiftJIS.uce [MD5.DDD40BFA6C2C1BC92C944A9CA204D41C] - |D| - [19/06/2016 19:28:23] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [878.24 Ko] - (3.1.18.0) - C:\Windows\system32\sl3apo64.dll [MD5.930D5291EC96FC99E22407A074C13FF3] - |D| - [19/06/2016 19:28:24] - (.Copyright (C) 2011 SRS Labs, Inc. - SRS Labs.) - [1021.24 Ko] - (3.1.18.0) - C:\Windows\system32\slcnt64.dll [MD5.38482A5013D8AB40DF0FB15EAE022C57] - |D| - [10/06/2009 22:59:12] - (.-.) - [110.97 Ko] - (0.0.0.0) - C:\Windows\system32\slmgr.vbs [MD5.D1FC86937CCC7E9F896DA7A896881C55] - |D| - [19/06/2016 19:28:24] - (.TODO: (c) . - TODO: .) - [239.74 Ko] - (1.0.0.1) - C:\Windows\system32\slprp64.dll [MD5.5F3FEA9F445A7FF2CECDBC2CDBF39C93] - |D| - [19/06/2016 19:28:24] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [707.74 Ko] - (3.1.18.0) - C:\Windows\system32\sltech64.dll [MD5.C74D61FCA22F36791105D7878AF73572] - |D| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\system32\spcinstrumentation.man [MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |D| - [19/06/2016 19:28:20] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\Windows\system32\SRSHP64.dll [MD5.A028717B791416182959B325D5B40679] - |D| - [19/06/2016 19:28:20] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\Windows\system32\SRSTSH64.dll [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |D| - [19/06/2016 19:28:20] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\Windows\system32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |D| - [19/06/2016 19:28:20] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\Windows\system32\SRSWOW64.dll [MD5.30F5568679A54042F99CA9EC1102EBCD] - |D| - [14/07/2009 01:56:51] - (.-.) - [91.51 Ko] - (0.0.0.0) - C:\Windows\system32\SubRange.uce [MD5.74943B60374CB5F9C6F9907F8BD2F79A] - |D| - [10/06/2009 23:01:15] - (.-.) - [3.14 Ko] - (0.0.0.0) - C:\Windows\system32\sysprint.sep [MD5.9E1F3509104FCEB377A58A16E8243D39] - |D| - [14/07/2009 01:16:33] - (.-.) - [3.49 Ko] - (0.0.0.0) - C:\Windows\system32\sysprtj.sep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |D| - [22/06/2016 01:31:19] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\system32\systemsf.ebd [MD5.C059C6B7518A9D6DE3616A3143392FE6] - |D| - [10/06/2009 23:01:24] - (.-.) - [1.02 Ko] - (0.0.0.0) - C:\Windows\system32\tcpbidi.xml [MD5.47F22CAD4A16BB40153555D631546B94] - |D| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\system32\tcpmon.ini [MD5.6D21D0A95286DCD09E354B612F592EB7] - |D| - [14/07/2009 04:34:28] - (.-.) - [1.94 Ko] - (0.0.0.0) - C:\Windows\system32\ticrf.rat [MD5.B0D8E26D3CC725F0CC6D33FDBEA061F7] - |D| - [14/07/2009 06:45:37] - (.-.) - [21 Ko] - (0.0.0.0) - C:\Windows\system32\umstartup.etl [MD5.E2090ABBDE0128166584C1534810D334] - |D| - [14/07/2009 06:45:37] - (.-.) - [9 Ko] - (0.0.0.0) - C:\Windows\system32\umstartup000.etl [MD5.D70BEDB9436DBCA77D3E470C1BAB373E] - |D| - [04/05/2016 04:22:42] - (.-.) - [127.78 Ko] - (0.0.0.0) - C:\Windows\system32\vulkan-1-1-0-11-1.dll [MD5.D70BEDB9436DBCA77D3E470C1BAB373E] - |D| - [19/06/2016 21:22:12] - (.-.) - [127.78 Ko] - (0.0.0.0) - C:\Windows\system32\vulkan-1.dll [MD5.0597F21B1DCADAB5F28806671670CDE4] - |D| - [04/05/2016 04:22:10] - (.-.) - [44.28 Ko] - (0.0.0.0) - C:\Windows\system32\vulkaninfo-1-1-0-11-1.exe [MD5.0597F21B1DCADAB5F28806671670CDE4] - |D| - [19/06/2016 21:22:12] - (.-.) - [44.28 Ko] - (0.0.0.0) - C:\Windows\system32\vulkaninfo.exe [MD5.D61708735E3A42A09DDA19E811F3A9A8] - |D| - [19/06/2016 19:28:20] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2052.59 Ko] - (4.4.5.0) - C:\Windows\system32\WavesGUILib64.dll [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |D| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\system32\WdsUnattendTemplate.xml [MD5.33C138E3A498083EF8792EAC3FD707BA] - |D| - [10/06/2009 23:00:54] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\Windows\system32\winrm.cmd [MD5.5B49271AEC5D5A221E91C7B4F3BC2F4C] - |D| - [14/07/2009 00:53:10] - (.-.) - [196.32 Ko] - (0.0.0.0) - C:\Windows\system32\winrm.vbs [MD5.3C436603213561E2E7DD3D4459DBB7D4] - |D| - [14/07/2009 00:53:10] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\Windows\system32\wsmanconfig_schema.xml [MD5.D6CBFA113B69C491DE370E85EBAC80E9] - |D| - [14/07/2009 00:53:10] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\Windows\system32\WsmPty.xsl [MD5.B2EDF82825D979928AE07CBE9C7A2160] - |D| - [14/07/2009 00:53:10] - (.-.) - [2.37 Ko] - (0.0.0.0) - C:\Windows\system32\WsmTxt.xsl [MD5.9D6B8FC71167D22849424084F0F3D9E9] - |D| - [10/06/2009 22:31:09] - (.-.) - [74.28 Ko] - (0.0.0.0) - C:\Windows\system32\xpsrchvw.xml [MD5.CFB89001DDE4224FB10C47E3DB3F5956] - |D| - [10/06/2009 23:03:31] - (.-.) - [3.95 Ko] - (0.0.0.0) - C:\Windows\system32\xwizard.dtd ¤¤¤¤¤¤¤¤¤¤ | Installer [HKCR\Installer\Products\166F59DC4C5A5F446AAACEDD192C1450] : WinZip 20.5 [HKCR\Installer\Products\18555481990E8AB4CBB63FB4F26006C0] : Google Toolbar for Internet Explorer [HKCR\Installer\Products\2CAA5700F9AEE094387FD5F518BEA234] : ASUS GPU TweakII -> C:\Windows\Installer\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4D296F39D4C0DEE4B9EF56C7D19595EF] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\68AB67CA408033019195008142811430] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824184103}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA7FFFFB744AA0000000010] : Adobe Reader X (10.1.16) MUI -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico [HKCR\Installer\Products\6F97D78C318F21847B9ACCACBAB81188] : ASUS Product Register Program -> C:\Windows\Installer\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\71460E5BCA4A52243BE6E7439C61617E] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\8E1EB2E0780F6D54D892C53B5046B387] : Sonic Radar -> C:\Windows\Installer\{0E2BE1E8-F087-45D6-8D29-5CB305643B78}\icon.ico [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\BFAEA49522809AE45A8B0349585A51EE] : -> C:\Windows\Installer\{594AEAFB-0822-4EA9-A5B8-309485A515EE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F7322F45C810B3848848F90C8D88043C] : VC_CRT_x64 ¤¤¤¤¤¤¤¤¤¤ | ADS ¤¤¤¤¤¤¤¤¤¤ | Drives Disk: 0 Size=19.1T Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 07-NTFS 100M Yes No 2,048 204,800 1 1 07-NTFS 19.1T No No 206,848 906,820,096 ¤¤¤¤¤¤¤¤¤¤ | MBR Windows Version: Windows 7 Ultimate Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: ASUSTeK COMPUTER INC. BIOS Manufacturer: American Megatrends Inc. System Manufacturer: ASUS System Product Name: All Series Logical Drives Mask: 0x0000001c Analysis of file "C:\QuickDiag\MBR.bin": Windows 7 MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ¤¤¤¤¤¤¤¤¤¤( EOF)¤¤¤¤¤¤¤¤¤¤ - 5718 | 00:53:14