cjoint

Document format: text/plain

Preview

OTL logfile created on: 12/12/2016 19:07:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lara\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000416 | Country: Brazil | Language: PTB | Date Format: dd/MM/yyyy

7,88 Gb Total Physical Memory | 3,20 Gb Available Physical Memory | 40,62% Memory free
10,63 Gb Paging File | 4,79 Gb Available in Paging File | 45,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,66 Gb Total Space | 753,00 Gb Free Space | 82,33% Space Free | Partition Type: NTFS

Computer Name: LARA | User Name: Lara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/12/12 18:56:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lara\Downloads\OTL--.exe
PRC - [2016/12/10 18:42:25 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2016/12/10 15:18:07 | 007,095,408 | ---- | M] (Spotify Ltd) -- C:\Users\Lara\AppData\Roaming\Spotify\Spotify.exe
PRC - [2016/12/10 15:18:07 | 001,444,976 | ---- | M] (Spotify Ltd) -- C:\Users\Lara\AppData\Roaming\Spotify\SpotifyWebHelper.exe
PRC - [2016/12/09 00:04:00 | 001,517,280 | ---- | M] (Microsoft Corporation) -- C:\Users\Lara\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/11/25 14:18:06 | 000,390,144 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lara\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe
PRC - [2016/11/25 13:09:33 | 002,145,984 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lara\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2016/11/16 10:59:48 | 000,237,568 | ---- | M] (http://www.amule.org/) -- C:\Program Files (x86)\amuleC1\ed2k.exe
PRC - [2016/11/15 20:45:50 | 000,157,696 | ---- | M] () -- C:\ProgramData\Nicliosukroim\1.0.7.1\auufflab.exe
PRC - [2016/10/25 10:51:06 | 002,383,040 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2016/10/25 10:51:06 | 002,360,000 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
PRC - [2016/10/25 10:51:06 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
PRC - [2016/10/25 10:51:06 | 000,190,144 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
PRC - [2016/10/25 10:49:52 | 000,148,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
PRC - [2016/10/25 09:57:10 | 031,723,696 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2016/10/21 19:02:44 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016/10/12 01:08:28 | 011,798,680 | ---- | M] (Node.js) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
PRC - [2016/09/30 21:36:20 | 001,868,472 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
PRC - [2016/09/26 14:55:26 | 002,207,960 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2016/04/06 00:28:48 | 000,141,960 | ---- | M] () -- C:\Program Files (x86)\WeatherTool\2.0.1.11297\WeatherService.exe
PRC - [2016/04/05 20:07:48 | 001,029,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2015/11/26 07:21:20 | 000,592,120 | ---- | M] () -- C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
PRC - [2015/05/13 03:19:46 | 001,714,448 | ---- | M] (Baidu, Inc.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe
PRC - [2014/12/13 00:00:00 | 002,726,256 | ---- | M] (Acute Angle Solutions Ltd) -- C:\ProgramData\HVkcBl\QcCbvukZX.exe
PRC - [2014/12/12 18:07:39 | 001,141,848 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014/10/30 05:41:44 | 000,031,856 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/10/29 19:06:54 | 000,560,192 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
PRC - [2014/10/26 22:59:24 | 000,039,568 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2014/05/15 05:28:16 | 003,020,632 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
PRC - [2014/04/30 17:00:36 | 000,277,360 | ---- | M] (arvato digital services llc) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2014/04/21 22:42:34 | 000,131,904 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
PRC - [2014/04/21 22:42:14 | 000,097,088 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
PRC - [2014/04/21 22:42:10 | 001,594,176 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
PRC - [2014/01/06 14:07:50 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013/12/21 00:29:14 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
PRC - [2013/09/17 04:13:26 | 001,715,592 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\ProgramData\Samsung\ShutdownEvent.exe
PRC - [2013/09/16 18:20:16 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/09/16 18:20:10 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2013/01/26 18:12:12 | 000,172,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/12/10 15:18:15 | 051,777,648 | ---- | M] () -- C:\Users\Lara\AppData\Roaming\Spotify\libcef.dll
MOD - [2016/12/10 15:18:08 | 001,803,888 | ---- | M] () -- C:\Users\Lara\AppData\Roaming\Spotify\libglesv2.dll
MOD - [2016/12/10 15:18:08 | 000,086,128 | ---- | M] () -- C:\Users\Lara\AppData\Roaming\Spotify\libegl.dll
MOD - [2016/12/10 15:18:07 | 000,110,192 | ---- | M] () -- C:\Users\Lara\AppData\Roaming\Spotify\SpotifyWinRT.dll
MOD - [2016/12/09 00:04:00 | 001,244,376 | ---- | M] () -- C:\Users\Lara\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
MOD - [2016/11/15 20:45:50 | 000,157,696 | ---- | M] () -- C:\ProgramData\Nicliosukroim\1.0.7.1\auufflab.exe
MOD - [2016/10/25 10:51:06 | 040,523,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
MOD - [2016/10/25 10:49:52 | 000,821,952 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanMessage5.dll
MOD - [2016/10/25 10:49:52 | 000,713,408 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanControl.dll
MOD - [2016/10/25 10:49:52 | 000,098,496 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
MOD - [2016/10/25 09:57:10 | 031,723,696 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2016/10/12 01:08:26 | 000,223,232 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
MOD - [2016/10/12 01:08:26 | 000,124,928 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
MOD - [2016/10/12 01:08:26 | 000,117,248 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
MOD - [2016/10/12 01:08:22 | 000,166,400 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
MOD - [2016/10/12 01:08:22 | 000,118,272 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
MOD - [2015/11/26 07:21:20 | 000,592,120 | ---- | M] () -- C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
MOD - [2015/03/17 02:34:24 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\pt_BR\AcroTray.PTB
MOD - [2014/10/29 19:06:54 | 000,560,192 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MOD - [2014/10/29 19:01:58 | 001,382,048 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
MOD - [2014/10/11 13:06:16 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/04/21 22:42:32 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/11/11 08:09:31 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2016/11/11 07:22:23 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/11/11 07:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2016/11/11 07:20:10 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2016/11/11 07:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2016/11/11 07:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2016/11/11 07:16:35 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2016/11/11 07:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2016/11/11 07:11:57 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/11/11 07:06:54 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2016/11/11 07:06:19 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2016/11/11 07:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2016/11/11 07:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2016/11/11 07:04:03 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2016/11/02 08:30:35 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2016/11/02 08:19:44 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2016/11/02 08:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/11/02 08:16:27 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2016/10/15 01:42:44 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2016/10/15 01:37:03 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/10/05 07:18:56 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2016/09/29 14:52:14 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2016/09/29 14:52:03 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2016/09/29 14:52:03 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/09/29 14:52:00 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2016/09/29 14:51:54 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/09/23 02:11:34 | 000,993,824 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:[b]64bit:[/b] - [2016/09/15 14:40:41 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2016/09/15 14:38:15 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2016/09/15 14:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2016/09/15 14:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:45 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2016/09/15 14:35:03 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/09/15 14:23:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/08/06 01:34:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2016/07/16 09:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2016/07/16 09:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2016/07/16 09:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:43:06 | 000,347,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_9ade92f)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_9ade92f)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_9ade92f)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_9ade92f)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_9ade92f)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_9ade92f)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_9ade92f)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2016/07/16 09:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2016/07/07 06:57:40 | 000,596,768 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:[b]64bit:[/b] - [2016/07/07 06:57:40 | 000,596,768 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:[b]64bit:[/b] - [2016/07/07 06:57:40 | 000,596,768 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:[b]64bit:[/b] - [2016/07/07 06:57:40 | 000,596,768 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:[b]64bit:[/b] - [2016/07/07 06:57:40 | 000,596,768 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:[b]64bit:[/b] - [2016/07/07 06:57:40 | 000,596,768 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McBootDelayStartSvc)
SRV:[b]64bit:[/b] - [2016/07/07 06:57:40 | 000,596,768 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:[b]64bit:[/b] - [2016/06/23 16:05:58 | 000,382,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe -- (mfemms)
SRV:[b]64bit:[/b] - [2016/06/21 05:34:56 | 000,816,128 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:[b]64bit:[/b] - [2016/06/17 14:34:56 | 001,454,216 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe -- (ModuleCoreService)
SRV:[b]64bit:[/b] - [2016/05/31 07:13:48 | 001,910,000 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe -- (mccspsvc)
SRV:[b]64bit:[/b] - [2016/05/25 08:22:56 | 001,045,336 | ---- | M] (Intel Security, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe -- (PEFService)
SRV:[b]64bit:[/b] - [2016/04/26 18:56:24 | 000,277,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2016/04/26 18:55:12 | 000,232,688 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2016/02/19 04:09:20 | 000,329,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2016/02/01 08:29:38 | 000,256,120 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe -- (SynTPEnhService)
SRV:[b]64bit:[/b] - [2014/01/29 05:34:58 | 000,609,632 | ---- | M] (Copyright 2013 SAMSUNG) [Auto | Running] -- C:\Program Files\Samsung\Samsung Link\Samsung Link.exe -- (Samsung Link Service)
SRV:[b]64bit:[/b] - [2013/12/21 00:31:20 | 000,404,360 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS)
SRV:[b]64bit:[/b] - [2013/08/27 03:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/08/27 03:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2016/12/09 01:02:00 | 000,409,088 | ---- | M] (Fun Dw) [Auto | Running] -- C:\Program Files (x86)\WinArcher\Archer.dll -- (Archer)
SRV - [2016/12/07 09:51:00 | 000,217,600 | ---- | M] () [Auto | Running] -- C:\ProgramData\WinSAPSvc\WinSAP.dll -- (WinSAPSvc)
SRV - [2016/12/02 17:10:24 | 000,275,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Coitain\Aneputyhoturybld.dll -- (Qervach)
SRV - [2016/11/16 10:59:48 | 000,237,568 | ---- | M] (http://www.amule.org/) [Auto | Running] -- C:\Program Files (x86)\amuleC1\ed2k.exe -- (ed2kidle)
SRV - [2016/11/11 05:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/11/11 05:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016/11/11 04:40:49 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/10/26 16:48:06 | 001,265,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Windows Security\winsecurity.exe -- (WindowsSecurity)
SRV - [2016/10/25 10:51:06 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService)
SRV - [2016/10/24 14:38:38 | 000,187,840 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2016/10/21 19:02:44 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/09/26 14:55:26 | 002,207,960 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
SRV - [2016/08/06 01:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016/07/16 09:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/07/16 09:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/04/06 00:28:48 | 000,141,960 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WeatherTool\2.0.1.11297\WeatherService.exe -- (TheDesktopWeatherService)
SRV - [2016/02/19 04:09:56 | 000,290,880 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/05/13 03:19:46 | 001,714,448 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe -- (PCFasterSvc_{PCFaster_5.1.0.0})
SRV - [2014/12/13 00:00:00 | 002,726,256 | ---- | M] (Acute Angle Solutions Ltd) [Auto | Running] -- C:\ProgramData\HVkcBl\QcCbvukZX.exe -- (QcCbvukZX)
SRV - [2014/12/12 18:07:39 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/10/30 05:41:44 | 000,031,856 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/10/26 22:59:24 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/05/15 05:28:16 | 003,020,632 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2014/04/30 17:00:36 | 000,277,360 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2014/04/21 22:42:10 | 001,594,176 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe -- (Settings Launcher)
SRV - [2014/01/06 14:07:50 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/09/16 18:20:16 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/16 18:20:10 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/01/26 18:12:12 | 000,172,104 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012/04/24 03:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2007/12/17 02:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/11 02:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/11/11 08:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2016/11/11 07:26:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2016/11/02 09:12:07 | 000,376,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2016/11/02 08:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2016/10/15 02:37:01 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2016/10/15 02:30:16 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2016/10/15 01:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2016/10/05 08:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2016/10/05 08:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2016/09/29 14:52:14 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2016/09/29 14:51:54 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2016/09/29 14:51:54 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2016/09/29 14:51:54 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2016/09/29 14:40:55 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2016/09/15 15:29:54 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2016/09/15 15:29:03 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2016/09/15 15:15:56 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2016/09/15 15:14:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2016/09/15 14:40:36 | 000,249,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2016/09/15 14:36:57 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2016/09/10 11:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/09/05 06:47:12 | 000,165,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2016/09/05 06:47:06 | 000,131,712 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2016/08/02 02:03:54 | 000,216,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:[b]64bit:[/b] - [2016/08/01 19:26:02 | 000,519,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:[b]64bit:[/b] - [2016/08/01 19:26:02 | 000,100,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:[b]64bit:[/b] - [2016/07/16 20:54:16 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2016/07/16 20:54:08 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2016/07/16 09:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2016/07/16 09:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2016/07/16 09:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2016/07/16 09:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2016/07/16 09:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 004,233,728 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2016/07/16 09:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2016/07/13 18:47:38 | 000,610,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2016/04/27 17:55:18 | 000,843,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2016/04/27 17:55:18 | 000,493,352 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2016/04/27 17:55:18 | 000,419,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeaack.sys -- (mfeaack)
DRV:[b]64bit:[/b] - [2016/04/27 17:55:18 | 000,349,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2016/04/27 17:55:18 | 000,243,488 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2016/04/27 17:55:18 | 000,083,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:[b]64bit:[/b] - [2016/04/27 17:55:18 | 000,078,632 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2016/04/20 12:00:48 | 000,079,192 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:[b]64bit:[/b] - [2016/02/19 04:08:58 | 003,798,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2016/02/01 08:29:16 | 000,646,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2015/09/23 21:00:16 | 000,041,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETDSMBus.sys -- (ETDSMBus)
DRV:[b]64bit:[/b] - [2015/08/21 12:50:48 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2015/07/20 17:45:04 | 000,050,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2015/07/20 17:45:04 | 000,038,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2015/04/01 01:32:18 | 000,093,512 | ---- | M] (Baidu, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BProtectEx.sys -- (BprotectEx)
DRV:[b]64bit:[/b] - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/04/01 22:35:44 | 000,633,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2014/01/06 14:09:44 | 000,223,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hid.sys -- (BTATH_HID)
DRV:[b]64bit:[/b] - [2014/01/06 14:09:42 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2013/09/16 18:20:12 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:22 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscebus.sys -- (sscebus)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:22 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssceserd.sys -- (ssceserd)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:18 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:18 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudobex.sys -- (ssudobex)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:18 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssuddmgr.sys -- (ssuddmgr)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:18 | 000,067,864 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudrmnet.sys -- (ssudrmnet)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:16 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:16 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:12 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:12 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:12 | 000,024,064 | ---- | M] (MobileTop) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPUSB.sys -- (shspusb)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:10 | 000,172,032 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:10 | 000,136,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_bus.sys -- (ssm_bus)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:08 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:02 | 000,019,968 | ---- | M] (Intel Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlashUSB.sys -- (FlashUSB)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:00 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:[b]64bit:[/b] - [2013/06/05 03:18:00 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:[b]64bit:[/b] - [2013/06/05 03:17:54 | 000,101,960 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssdudfu.sys -- (ssdudfu)
DRV:[b]64bit:[/b] - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/09 16:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2012/07/27 10:00:03 | 000,023,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV - [2016/07/16 09:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV - [2016/06/06 22:08:46 | 000,046,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/?type=hp&ts=1481292295&z=d334e1ce4b50f372631ff5cg2z0b6gbo7t7o0obtbb&from=archer1028&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.amisites.com/search/?type=ds&ts=1481128267&z=be3504f71d59c473315eaebgbz5bfg2g5o3b8o7m8c&from=che0812&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.amisites.com/search/?type=ds&ts=1481128267&z=be3504f71d59c473315eaebgbz5bfg2g5o3b8o7m8c&from=che0812&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=b753176e7ff43612c16db6ce3f4ad441
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{7B7060F1-3B3F-425E-802B-CC2442925CE5}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/?type=hp&ts=1481292295&z=d334e1ce4b50f372631ff5cg2z0b6gbo7t7o0obtbb&from=archer1028&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.amisites.com/search/?type=ds&ts=1481128267&z=be3504f71d59c473315eaebgbz5bfg2g5o3b8o7m8c&from=che0812&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.amisites.com/search/?type=ds&ts=1481128267&z=be3504f71d59c473315eaebgbz5bfg2g5o3b8o7m8c&from=che0812&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=b753176e7ff43612c16db6ce3f4ad441
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.amisites.com/search/?type=ds&ts=1481128267&z=be3504f71d59c473315eaebgbz5bfg2g5o3b8o7m8c&from=che0812&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108&q={searchTerms}
IE - HKLM\..\SearchScopes\{7B7060F1-3B3F-425E-802B-CC2442925CE5}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/?type=hp&ts=1481292295&z=d334e1ce4b50f372631ff5cg2z0b6gbo7t7o0obtbb&from=archer1028&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=b753176e7ff43612c16db6ce3f4ad441
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 90 EE D6 D2 6C 53 D2 01 [binary data]
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 48 00 00 00 36 2C 76 BB 49 06 50 C6 5A 23 42 85 CC D7 25 1C B9 8F EC 9C 5A EB E2 14 47 64 E9 DA 31 7A 90 3A D0 F9 ED 6F A6 61 5F 61 46 8C EA 4C 76 BF 28 FC D5 D7 05 33 6D B9 9A 41 29 F5 46 C0 10 62 5F 86 7B 03 22 87 C2 77 E5 02 02 00 00 00 0E 00 00 00 54 6B 64 39 7A 4B 36 4D 4C 58 45 25 33 64 [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.amisites.com/search/?type=ds&ts=1481128267&z=be3504f71d59c473315eaebgbz5bfg2g5o3b8o7m8c&from=che0812&uid=ST1000LM024XHN-M101MBB_S32HJ9CF901108&q={searchTerms}
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\..\SearchScopes\{76AC76A3-F18D-4C6C-B53A-0731EC3F332A}: "URL" = https://br.search.yahoo.com/search?fr=mcafee&type=C011BR389D20141212&p={searchTerms}
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI [2016/05/24 17:21:30 | 000,120,365 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{338950EA-82DB-44C1-930D-0C28E023C9F0}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/12/12 18:08:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/12/12 18:08:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016/05/24 17:21:30 | 000,120,365 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension.15@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016/09/10 17:41:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2016/08/03 17:48:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58C7ACE4-C3C3-3ED1-9E4B-B7326C9CA062}: C:\Program Files (x86)\version74BlockAndSurf\191.xpi

[2016/07/19 20:49:40 | 000,043,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\caaclfkfmcnlppkambfehbfhlekhpenf\1.0_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.12.4_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.3_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehehgijaidopomcfpkigakimeoglkjpa\2.0.1.28_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\emkkfkcbnpdnhgeolpbggbdogfngiadf\1.2_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.7_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\5.0.331.0_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei\2.0.6.7_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbaojbjkmgijecaenlbpcoeljkiggfic\2.9.5_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.6_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\loamdenijebhollnjgehcfbnpeelfhlk\14_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\4.1_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabhgfgfhoilflkoicbmnejgjjfmhcg\1.1_0\
CHR - Extension: No name found = C:\Users\Lara\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\6.0.5_0\

O1 HOSTS File: ([2013/08/22 11:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (Adobe Systems Incorporated)
O2:[b]64bit:[/b] - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:[b]64bit:[/b] - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (Adobe Systems Incorporated)
O2 - BHO: (Treasure Track) - {1ef422df-c387-4f0d-88d1-b75bdfd51013} - C:\Program Files (x86)\Treasure Track\Extensions\1ef422df-c387-4f0d-88d1-b75bdfd51013.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O3:[b]64bit:[/b] - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Samsung Link] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Copyright 2013 SAMSUNG)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [mbot_br_354] File not found
O4 - HKLM..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [DisplaySwitch] C:\ProgramData\Samsung\DisplaySwitch.exe (TODO: <Company name>)
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [Epson Stylus TX115] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBB.EXE /FU "C:\Users\Lara\AppData\Local\Temp\E_SBF49.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [EPSON TX115 Series (Copy 1)] /FU "C:\WINDOWS\TEMP\E_SD987.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [OneDrive] C:\Users\Lara\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [Spotify] C:\Users\Lara\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [Spotify Web Helper] C:\Users\Lara\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001..\Run: [uTorrent] C:\Users\Lara\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-1212341227-2709655083-2383566263-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O8:[b]64bit:[/b] - Extra context menu item: Adicionar página da Web a um PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: Anexar destino do lin&k a PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: Converter &página da Web em Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: Converter destino do link em Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Adicionar página da Web a um PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Anexar destino do lin&k a PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converter &página da Web em Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converter destino do link em Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 File not found
O9:[b]64bit:[/b] - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.6.2.17 201.6.2.157
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8c3eb827-679a-470f-945d-d618734c93fd}: DhcpNameServer = 201.6.2.17 201.6.2.157
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:[b]64bit:[/b] - HKLM IFEO\MRT.exe: Debugger - C:\Program Files (x86)\Coitain\_ALLOWDEL_575c51a\Gubed.exe ()
O27 - HKLM IFEO\MRT.exe: Debugger - C:\Program Files (x86)\Coitain\_ALLOWDEL_575c51a\Gubed.exe ()
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {52770536-AB31-11E6-BB07-64006A5CFC23} - C:\Users\Lara\AppData\Roaming\Jizile\Stzutterepy.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/04/10 18:58:15 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/12/12 18:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/12/12 18:31:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/12/11 13:31:11 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\SafeWeb
[2016/12/11 13:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu
[2016/12/10 16:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\amuleC1
[2016/12/09 12:04:49 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Roaming\dgadg
[2016/12/07 14:56:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\f09er35s
[2016/12/07 14:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UvConverter
[2016/12/03 17:11:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WinSAPSvc
[2016/12/03 13:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hw1ak1fp
[2016/12/03 13:12:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinArcher
[2016/12/03 12:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xag74t67
[2016/12/03 03:22:07 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign1402dd3e5639cfc3
[2016/12/03 01:06:08 | 000,000,000 | ---D | C] -- C:\Users\Lara\Desktop\Adobe Edge Animate CC 2015
[2016/12/02 17:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2016/12/02 17:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
[2016/12/02 17:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OtherSearch
[2016/12/02 17:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Security
[2016/12/02 17:10:28 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Roaming\Jizile
[2016/12/02 17:10:25 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Therdukwuck
[2016/12/02 17:10:25 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Roaming\Profiles
[2016/12/02 17:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coitain
[2016/11/20 14:55:37 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign1c39c78ae7107fa7
[2016/11/16 23:33:08 | 000,000,000 | ---D | C] -- C:\Users\Lara\Documents\Modelos Personalizados do Office
[2016/11/16 22:02:35 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign87016665375903b5
[2016/11/16 22:02:34 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign2f0cfc3e0f9598ae
[2016/11/16 22:01:51 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsigne8c3e8ee1447478d
[2016/11/16 22:01:51 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsignb244982fdecb5d1d
[2016/11/16 22:00:04 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsigned059a0ad07824d4
[2016/11/16 22:00:04 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsigne16443989462e3b9
[2016/11/16 21:44:14 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsignd7a94db414f9d6c9
[2016/11/16 21:44:14 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign00608b3576d6f0ef
[2016/11/16 21:43:17 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign7ad1838e0bc4034a
[2016/11/16 21:43:17 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign43e1d2ce0944985b
[2016/11/16 14:06:26 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsignae854d8f10bb0249
[2016/11/16 14:06:26 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign8cca9dd6b07c497f
[2016/11/15 22:34:59 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign999f0e612e5e4d24
[2016/11/15 20:52:42 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign7feb6a68b87ceee2
[2016/11/15 20:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Nicliosukroim
[2016/11/15 20:15:39 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsigndf5b9e80762688d8
[2016/11/15 01:05:23 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsignf0bf63546d4a2d79
[2016/11/15 01:05:23 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign3fdf6a158ac27501
[2016/11/15 00:52:47 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign8b027096b0d7c200
[2016/11/15 00:42:12 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign92835ee9d686585a
[2016/11/14 04:31:18 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign65d1afd9365ef4c9
[2016/11/14 04:31:18 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign06723e3a3332d97d
[2016/11/14 03:13:57 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign97cf29df37a478b8
[2016/11/14 02:53:13 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign1a351ce58dba16c5
[2016/11/14 02:39:53 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsignd72e3a3fb464df4f
[2016/11/14 02:06:09 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsigne4f99970b9947394
[2016/11/14 02:01:31 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsigne7f1fdd8c1e6c146
[2016/11/14 01:58:38 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsigne4e3ccc8d292cba8
[2016/11/14 01:35:23 | 000,000,000 | ---D | C] -- C:\Users\Lara\Documents\Exportação sem título
[2016/11/14 01:15:02 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign6f9e33a30c90ca54
[2016/11/14 00:52:59 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign4767fe12c2dc1284
[2016/11/14 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Lara\Desktop\Adobe
[2016/11/13 23:56:00 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign3e3721fb47c14b5e
[2016/11/13 23:55:59 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsign6ea92e638521406b
[2016/11/13 23:53:26 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsignfa1bc25908fa5d09
[2016/11/13 23:53:26 | 000,000,000 | ---D | C] -- C:\Users\Lara\AppData\Local\Tempzxpsignad20c23d1ac24226
[2016/11/13 23:26:32 | 000,000,000 | ---D | C] -- C:\Users\Lara\Documents\Novas fotos
[2015/04/08 17:11:06 | 001,844,224 | ---- | C] (Cinema PlusV08.04) -- C:\Users\Lara\AppData\Roaming\MDRLDAGA.exe
[2014/06/23 00:35:30 | 002,064,264 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/12/12 18:17:49 | 3384,004,608 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/12 18:17:43 | 000,085,218 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161212181132
[2016/12/12 18:17:42 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/12/12 18:17:41 | 000,878,391 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161211151356
[2016/12/11 15:13:58 | 000,149,940 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161211131459
[2016/12/11 13:14:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/12/11 13:12:33 | 000,025,444 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161211125205
[2016/12/11 12:49:51 | 000,173,950 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161211042740
[2016/12/11 04:28:38 | 000,151,118 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161211022836
[2016/12/11 02:31:47 | 000,999,798 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/12/11 02:31:47 | 000,794,084 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/12/11 02:31:47 | 000,195,370 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/12/11 02:28:04 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/12/11 02:28:04 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/12/10 19:11:41 | 000,553,233 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161210191048
[2016/12/10 19:11:41 | 000,150,173 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161210171223
[2016/12/10 18:43:28 | 000,002,334 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/12/10 16:05:58 | 000,082,659 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161210160458
[2016/12/10 15:06:16 | 000,072,332 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161210150516
[2016/12/10 15:04:04 | 005,120,984 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/12/09 17:01:45 | 000,861,871 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161209155423
[2016/12/09 17:01:44 | 000,718,820 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161208162038
[2016/12/08 16:39:43 | 000,983,845 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161207150724
[2016/12/07 15:08:15 | 000,921,895 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161206150728
[2016/12/06 15:08:18 | 000,917,230 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161205185937
[2016/12/05 19:00:30 | 000,756,803 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161204150731
[2016/12/04 15:08:25 | 001,235,092 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161203150730
[2016/12/03 15:08:25 | 001,196,553 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161202150731
[2016/12/03 01:20:34 | 000,001,116 | ---- | M] () -- C:\Users\Lara\Desktop\Adobe Edge Animate CC 2015.lnk
[2016/12/02 15:07:52 | 000,824,466 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161201154232
[2016/11/16 22:02:02 | 000,000,033 | ---- | M] () -- C:\Users\Lara\AppData\Roaming\AdobeWLCMCache.dat
[2016/11/14 00:49:19 | 000,001,029 | ---- | M] () -- C:\Users\Lara\Desktop\Adobe Lightroom.lnk
[2016/11/13 23:26:58 | 000,001,128 | ---- | M] () -- C:\Users\Lara\Desktop\Adobe DNG Converter.lnk
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/12/12 18:17:43 | 000,080,124 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161212181132
[2016/12/11 15:13:58 | 000,878,391 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161211151356
[2016/12/11 13:15:58 | 000,149,940 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161211131459
[2016/12/11 12:53:05 | 000,025,444 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161211125205
[2016/12/11 04:28:38 | 000,173,950 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161211042740
[2016/12/11 02:29:37 | 000,151,118 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161211022836
[2016/12/10 19:11:41 | 000,553,233 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161210191048
[2016/12/10 18:43:28 | 000,002,346 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2016/12/10 18:43:28 | 000,002,334 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/12/10 18:42:27 | 000,001,074 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/12/10 18:42:26 | 000,001,070 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/12/10 17:13:23 | 000,150,173 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161210171223
[2016/12/10 16:05:58 | 000,082,659 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161210160458
[2016/12/10 15:06:16 | 000,072,332 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161210150516
[2016/12/09 22:34:11 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/09 22:33:52 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/12/09 17:01:45 | 000,861,871 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161209155423
[2016/12/08 16:39:44 | 000,718,820 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161208162038
[2016/12/07 15:08:15 | 000,983,845 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161207150724
[2016/12/06 15:08:18 | 000,921,895 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161206150728
[2016/12/05 19:00:31 | 000,917,230 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161205185937
[2016/12/04 15:08:25 | 000,756,803 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161204150731
[2016/12/03 15:08:25 | 001,235,092 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161203150730
[2016/12/03 01:20:34 | 000,001,116 | ---- | C] () -- C:\Users\Lara\Desktop\Adobe Edge Animate CC 2015.lnk
[2016/12/03 01:15:11 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Edge Animate CC 2015.lnk
[2016/12/02 15:07:52 | 001,196,553 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161202150731
[2016/12/01 16:28:28 | 000,824,466 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161201154232
[2016/11/14 00:49:19 | 000,001,029 | ---- | C] () -- C:\Users\Lara\Desktop\Adobe Lightroom.lnk
[2016/11/14 00:49:19 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
[2016/11/13 23:26:58 | 000,001,128 | ---- | C] () -- C:\Users\Lara\Desktop\Adobe DNG Converter.lnk
[2016/09/29 22:57:50 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016/09/29 18:02:52 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/09/29 18:01:12 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/07/16 09:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/07/16 09:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/07/16 09:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/07/16 09:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016/07/16 09:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 09:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/07/16 09:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016/07/16 09:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016/07/16 09:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/07/16 09:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/05/13 19:00:50 | 000,000,779 | ---- | C] () -- C:\Users\Lara\Downloads - Shortcut.lnk
[2016/03/26 00:13:58 | 000,073,220 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPrinterDB.dat
[2016/03/26 00:13:58 | 000,031,053 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern131.dat
[2016/03/26 00:13:58 | 000,029,114 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern1.dat
[2016/03/26 00:13:58 | 000,027,417 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern121.dat
[2016/03/26 00:13:58 | 000,021,021 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern3.dat
[2016/03/26 00:13:58 | 000,015,670 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern5.dat
[2016/03/26 00:13:58 | 000,013,280 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern2.dat
[2016/03/26 00:13:58 | 000,010,673 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern4.dat
[2016/03/26 00:13:58 | 000,004,943 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern6.dat
[2016/03/26 00:13:58 | 000,001,140 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_PT.dat
[2016/03/26 00:13:58 | 000,001,140 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_BP.dat
[2016/03/26 00:13:58 | 000,001,137 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_ES.dat
[2016/03/26 00:13:58 | 000,001,130 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_FR.dat
[2016/03/26 00:13:58 | 000,001,130 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_CF.dat
[2016/03/26 00:13:58 | 000,001,104 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_EN.dat
[2016/03/26 00:13:58 | 000,000,097 | ---- | C] () -- C:\WINDOWS\SysWow64\PICSDK.ini
[2016/03/26 00:12:39 | 000,000,071 | ---- | C] () -- C:\WINDOWS\ESTX115.ini
[2016/02/19 04:07:52 | 000,195,216 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2016/02/19 04:07:48 | 000,153,232 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2015/06/11 01:11:47 | 000,000,033 | ---- | C] () -- C:\Users\Lara\AppData\Roaming\AdobeWLCMCache.dat
[2015/03/26 17:14:08 | 000,005,542 | ---- | C] () -- C:\Users\Lara\AppData\Roaming\MDRLDAGA
[2015/03/20 20:15:18 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/03/19 22:53:03 | 000,000,062 | ---- | C] () -- C:\Users\Lara\AppData\Roaming\WB.CFG
[2014/06/23 00:35:30 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/11/11 08:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 05:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 09:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 09:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 09:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\software\microsoft\winasettings\connections >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 237 bytes -> C:\Users\Lara\OneDrive:ms-properties

< End of report >
