Document format: text/plain

Preview

OTL logfile created on: 04/10/2017 20:56:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jakeline Neri\Downloads
An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 25,47% Memory free
3,85 Gb Paging File | 1,32 Gb Available in Paging File | 34,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,41 Gb Total Space | 5,49 Gb Free Space | 20,03% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 3,52 Gb Free Space | 47,19% Space Free | Partition Type: FAT32

Computer Name: JAKELINE | User Name: Jakeline Neri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/10/04 20:51:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jakeline Neri\Downloads\OTL.exe
PRC - [2017/10/04 20:51:55 | 001,509,208 | ---- | M] (Google Inc.) -- C:\Windows\Temp\CR_3BB0D.tmp\setup.exe
PRC - [2017/10/04 20:51:52 | 002,177,640 | ---- | M] (Google Inc.) -- C:\Arquivos de Programas\Google\Update\Install\{173DE591-81ED-4495-BD3C-8503C3CA4C1B}\62.0.3202.45_62.0.3202.38_chrome_updater.exe
PRC - [2017/10/04 12:03:04 | 000,234,152 | ---- | M] (Intel Corporation) -- C:\Windows\Temp\DPTF\esif_assist.exe
PRC - [2017/10/03 15:39:00 | 001,123,840 | ---- | M] () -- C:\ProgramData\{4264D45F-F5CF-63F4-8633-B0B45EF92C60}\BDAA91A4-0A01-260F-14A3-9D00D744C380.exe
PRC - [2017/10/03 15:29:20 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Arquivos de Programas\Google\Update\1.3.33.5\GoogleCrashHandler.exe
PRC - [2017/09/29 10:08:07 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\WindowsApps\microsoft.windowscommunicationsapps_17.8500.40955.0_x86__8wekyb3d8bbwe\HxTsr.exe
PRC - [2017/09/29 10:08:06 | 003,262,976 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\WindowsApps\microsoft.windowscommunicationsapps_17.8500.40955.0_x86__8wekyb3d8bbwe\HxOutlook.exe
PRC - [2017/09/27 07:12:12 | 001,323,352 | ---- | M] (Google Inc.) -- C:\Arquivos de Programas\Google\Chrome Beta\Application\chrome.exe
PRC - [2017/09/25 14:56:18 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x86__8wekyb3d8bbwe\WinStore.App.exe
PRC - [2017/09/22 16:03:03 | 003,282,432 | ---- | M] () -- C:\Users\Jakeline Neri\AppData\Local\Temp\csrss\proxy\Tor\tor.exe
PRC - [2017/09/21 14:11:02 | 002,732,544 | ---- | M] () -- C:\Arquivos de Programas\e31c4d5e3ab6ec602570d1474d5152bf\b1f1ac80433557f7282bb364c72a9f04.exe
PRC - [2017/09/20 17:55:44 | 006,627,328 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
PRC - [2017/09/19 14:32:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
PRC - [2017/09/13 00:26:50 | 003,879,373 | ---- | M] () -- C:\Users\Jakeline Neri\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
PRC - [2017/09/08 04:11:08 | 004,939,976 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
PRC - [2017/09/07 02:28:51 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
PRC - [2017/08/22 18:21:30 | 000,064,512 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x86__kzf8qxf38zg5c\SkypeHost.exe
PRC - [2017/08/08 02:17:12 | 000,328,712 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Defender\MpCmdRun.exe
PRC - [2017/07/19 23:50:40 | 000,083,032 | ---- | M] (Adobe Systems Incorporated) -- C:\Arquivos de Programas\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2017/07/12 02:52:03 | 004,312,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2017/07/06 11:26:16 | 000,016,384 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe
PRC - [2017/04/27 21:45:44 | 000,493,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncHost.exe
PRC - [2017/04/27 21:07:07 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Defender\MSASCuiL.exe
PRC - [2017/04/27 21:06:28 | 000,984,064 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Defender\MSASCui.exe
PRC - [2017/03/04 03:54:38 | 007,104,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
PRC - [2017/03/04 03:47:15 | 000,330,568 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Common Files\microsoft shared\ink\TabTip.exe
PRC - [2016/11/02 08:29:48 | 000,947,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
PRC - [2016/11/02 08:05:45 | 000,313,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2016/10/10 03:26:57 | 000,043,008 | ---- | M] () -- C:\Windows\System32\ContinuumService-v1.0.4.exe
PRC - [2016/09/07 01:32:03 | 000,960,512 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe
PRC - [2016/08/06 01:02:35 | 000,082,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\ImmersiveControlPanel\SystemSettings.exe
PRC - [2016/08/06 00:47:34 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2016/07/16 05:25:58 | 000,042,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ApplicationFrameHost.exe
PRC - [2016/07/16 05:25:55 | 000,072,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostw.exe
PRC - [2016/07/16 05:25:31 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2016/07/16 05:25:07 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sihost.exe
PRC - [2016/07/16 05:25:03 | 000,029,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2015/12/21 15:38:56 | 000,221,672 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxHK.exe
PRC - [2015/12/21 15:38:52 | 000,289,256 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxEM.exe
PRC - [2015/12/21 15:38:42 | 000,310,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxCUIService.exe
PRC - [2015/08/31 16:13:32 | 001,259,184 | ---- | M] (Intel Corporation) -- C:\Windows\System32\Intel\DPTF\esif_uf.exe
PRC - [2015/08/03 12:49:48 | 000,147,160 | ---- | M] () -- C:\Arquivos de Programas\REALTEK\REALTEK Bluetooth\BTDevMgr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2017/10/03 15:39:00 | 001,123,840 | ---- | M] () -- C:\ProgramData\{4264D45F-F5CF-63F4-8633-B0B45EF92C60}\BDAA91A4-0A01-260F-14A3-9D00D744C380.exe
MOD - [2017/09/29 10:09:26 | 000,647,352 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\microsoft.windowscommunicationsapps_17.8500.40955.0_x86__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
MOD - [2017/09/28 12:01:16 | 017,847,296 | ---- | M] () -- C:\Users\Jakeline Neri\AppData\Local\Google\Chrome Beta\User Data\PepperFlash\27.0.0.159\pepflashplayer.dll
MOD - [2017/09/27 07:12:18 | 003,075,928 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome Beta\Application\62.0.3202.38\libglesv2.dll
MOD - [2017/09/27 07:12:17 | 000,086,872 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome Beta\Application\62.0.3202.38\libegl.dll
MOD - [2017/09/25 14:56:18 | 006,545,408 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x86__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
MOD - [2017/09/25 14:56:12 | 001,661,440 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x86__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
MOD - [2017/09/14 00:58:33 | 002,890,664 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
MOD - [2017/09/07 03:29:35 | 002,048,496 | ---- | M] () -- C:\Windows\System32\CoreUIComponents.dll
MOD - [2017/09/07 02:34:31 | 003,158,528 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
MOD - [2017/09/07 02:29:44 | 000,779,776 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
MOD - [2017/09/07 02:29:16 | 001,724,928 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
MOD - [2017/09/07 02:29:15 | 001,150,464 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
MOD - [2017/08/22 18:21:33 | 027,734,016 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x86__kzf8qxf38zg5c\SkyWrap.dll
MOD - [2017/08/22 18:21:30 | 001,660,928 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x86__kzf8qxf38zg5c\skypert.dll
MOD - [2017/08/22 18:21:30 | 000,171,008 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
MOD - [2017/08/22 18:21:30 | 000,064,512 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x86__kzf8qxf38zg5c\SkypeHost.exe
MOD - [2017/07/18 23:50:08 | 002,766,336 | ---- | M] () -- C:\ProgramData\Windows\System32\Mswapi32.dll
MOD - [2017/07/06 11:26:16 | 000,016,384 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe
MOD - [2017/07/06 11:26:15 | 017,818,112 | ---- | M] () -- C:\Arquivos de Programas\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.dll
MOD - [2017/03/04 03:24:30 | 000,321,536 | ---- | M] () -- C:\Windows\ShellExperiences\QuickActions.dll
MOD - [2017/03/04 03:04:10 | 006,726,656 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
MOD - [2016/08/06 00:21:51 | 000,526,848 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
MOD - [2016/07/16 05:25:47 | 000,108,032 | ---- | M] () -- C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\ProgramData\WinSxA.exe -- (WinSxA)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\KMSServerService\KMS Server Service.exe -- (KMSServerService)
SRV - [2017/09/22 16:03:03 | 003,282,432 | ---- | M] () [Auto | Running] -- C:\Users\Jakeline Neri\AppData\Local\Temp\csrss\proxy\Tor\tor.exe -- (TCPSvc)
SRV - [2017/09/21 14:11:02 | 002,732,544 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\e31c4d5e3ab6ec602570d1474d5152bf\b1f1ac80433557f7282bb364c72a9f04.exe -- (e31c4d5e3ab6ec602570d1474d5152bf)
SRV - [2017/09/13 00:26:50 | 003,879,373 | ---- | M] () [Auto | Running] -- C:\Users\Jakeline Neri\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe -- (WMPNetworkAcSvc)
SRV - [2017/09/08 04:10:10 | 000,213,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2017/09/07 03:28:28 | 000,583,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2017/09/07 02:51:06 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017/09/07 02:50:57 | 000,636,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PhoneService.dll -- (PhoneSvc)
SRV - [2017/09/07 02:47:22 | 000,473,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\RDXService.dll -- (RetailDemo)
SRV - [2017/09/07 02:42:24 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2017/09/07 02:39:18 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2017/09/07 02:37:56 | 001,382,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2017/09/07 02:34:05 | 001,488,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2017/09/07 02:32:54 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NetSetupSvc.dll -- (NetSetupSvc)
SRV - [2017/08/08 02:17:15 | 000,084,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2017/08/08 01:47:25 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvmsession)
SRV - [2017/08/08 01:47:25 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2017/08/08 01:47:25 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2017/08/08 01:47:25 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2017/08/08 01:47:25 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2017/08/08 01:47:25 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2017/08/08 01:30:13 | 000,918,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dosvc.dll -- (DoSvc)
SRV - [2017/07/19 23:50:40 | 000,083,032 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017/07/12 02:23:07 | 000,425,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\usocore.dll -- (UsoSvc)
SRV - [2017/07/12 02:07:03 | 001,950,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2017/07/07 04:17:33 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2017/06/21 03:51:23 | 000,446,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\tileobjserver.dll -- (tiledatamodelsvc)
SRV - [2017/06/21 03:51:11 | 000,822,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\usermgr.dll -- (UserManager)
SRV - [2017/06/21 03:50:28 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2017/06/21 03:49:55 | 000,441,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2017/06/21 03:49:48 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV - [2017/06/21 03:44:16 | 000,754,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ngcsvc.dll -- (NgcSvc)
SRV - [2017/06/21 03:32:12 | 000,612,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2017/04/27 22:02:55 | 000,271,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2017/04/27 22:01:16 | 002,717,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017/04/27 21:11:50 | 000,623,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2017/04/27 21:11:50 | 000,517,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FlightSettings.dll -- (wisvc)
SRV - [2017/03/04 03:25:47 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV - [2017/03/04 03:25:43 | 000,063,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\moshost.dll -- (MapsBroker)
SRV - [2017/03/04 03:25:40 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\tzautoupdate.dll -- (tzautoupdate)
SRV - [2017/03/04 03:21:12 | 000,579,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblAuthManager.dll -- (XblAuthManager)
SRV - [2017/03/04 03:19:45 | 000,277,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvcext.dll -- (vmicvss)
SRV - [2017/03/04 03:19:45 | 000,277,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvcext.dll -- (vmicrdv)
SRV - [2017/03/04 03:19:15 | 000,704,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblGameSave.dll -- (XblGameSave)
SRV - [2017/03/04 03:18:14 | 000,828,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV - [2017/03/04 03:16:20 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\Unistore.dll -- (UnistoreSvc)
SRV - [2017/03/04 03:12:46 | 000,894,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SensorDataService.exe -- (SensorDataService)
SRV - [2017/03/04 02:59:52 | 001,252,352 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\UserDataService.dll -- (UserDataSvc)
SRV - [2016/11/11 04:23:13 | 000,254,976 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\cdpusersvc.dll -- (CDPUserSvc)
SRV - [2016/11/11 04:21:08 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV - [2016/11/11 04:18:41 | 000,294,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cdpsvc.dll -- (CDPSvc)
SRV - [2016/11/11 04:11:36 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2016/11/11 04:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016/11/02 07:29:05 | 000,503,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FrameServer.dll -- (FrameServer)
SRV - [2016/10/10 03:26:57 | 000,043,008 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ContinuumService-v1.0.4.exe -- (ContinuumService)
SRV - [2016/09/15 13:56:50 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\RMapi.dll -- (RmSvc)
SRV - [2016/09/15 13:56:09 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SensorService.dll -- (SensorService)
SRV - [2016/09/07 01:32:03 | 000,960,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2016/08/20 02:11:31 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\LicenseManagerSvc.dll -- (LicenseManager)
SRV - [2016/08/06 00:37:40 | 000,366,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2016/08/06 00:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2016/07/16 14:34:27 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2016/07/16 05:26:42 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2016/07/16 05:26:40 | 000,373,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WalletService.dll -- (WalletService)
SRV - [2016/07/16 05:26:15 | 000,144,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2016/07/16 05:25:58 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2016/07/16 05:25:57 | 000,120,320 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV - [2016/07/16 05:25:57 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dmwappushsvc.dll -- (dmwappushservice)
SRV - [2016/07/16 05:25:56 | 000,036,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2016/07/16 05:25:55 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dcpsvc.dll -- (DcpSvc)
SRV - [2016/07/16 05:25:39 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2016/07/16 05:25:39 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV - [2016/07/16 05:25:31 | 000,330,240 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\APHostService.dll -- (OneSyncSvc)
SRV - [2016/07/16 05:25:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2016/07/16 05:25:21 | 000,253,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TieringEngineService.exe -- (TieringEngineService)
SRV - [2016/07/16 05:25:21 | 000,104,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2016/07/16 05:25:21 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2016/07/16 05:25:10 | 000,413,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SmsRouterSvc.dll -- (SmsRouter)
SRV - [2016/07/16 05:25:09 | 000,432,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2016/07/16 05:25:08 | 000,046,080 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\MessagingService.dll -- (MessagingService)
SRV - [2016/07/16 05:25:07 | 000,294,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2016/07/16 05:25:07 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2016/07/16 05:25:07 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2016/07/16 05:25:07 | 000,195,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wpnservice.dll -- (WpnService)
SRV - [2016/07/16 05:25:07 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tetheringservice.dll -- (icssvc)
SRV - [2016/07/16 05:25:07 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV - [2016/07/16 05:25:07 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\WpnUserService.dll -- (WpnUserService)
SRV - [2016/07/16 05:25:07 | 000,030,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lfsvc.dll -- (lfsvc)
SRV - [2016/07/16 05:25:07 | 000,024,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DevQueryBroker.dll -- (DevQueryBroker)
SRV - [2016/07/16 05:25:04 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AJRouter.dll -- (AJRouter)
SRV - [2016/07/16 05:25:03 | 000,591,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ClipSVC.dll -- (ClipSVC)
SRV - [2016/07/16 05:25:03 | 000,159,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2016/07/16 05:25:03 | 000,121,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dssvc.dll -- (DsSvc)
SRV - [2016/07/16 05:25:03 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\embeddedmodesvc.dll -- (embeddedmode)
SRV - [2016/07/16 05:24:52 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\BthHFSrv.dll -- (BthHFSrv)
SRV - [2015/12/21 15:39:22 | 000,292,840 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/12/21 15:38:42 | 000,310,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2015/08/31 16:13:32 | 001,259,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\Intel\DPTF\esif_uf.exe -- (esifsvc)
SRV - [2015/08/03 12:49:48 | 000,147,160 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\REALTEK\REALTEK Bluetooth\BTDevMgr.exe -- (BTDevManager)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV - [2017/09/22 16:00:57 | 000,007,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Winmon.sys -- (WinMon)
DRV - [2017/09/21 14:11:02 | 000,066,872 | ---- | M] (WJICLT) [Kernel | System | Running] -- C:\Windows\System32\drivers\de61998a1bc81b5710edb3b023b327b8.sys -- (de61998a1bc81b5710edb3b023b327b8)
DRV - [2017/09/19 05:52:30 | 000,027,408 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtkdrv.sys -- (TrojanKillerDriver)
DRV - [2017/09/18 08:22:12 | 000,086,296 | ---- | M] (Driver Lace 514) [Kernel | System | Running] -- C:\Windows\System32\drivers\Lace_wpf_x86.sys -- (Lace514)
DRV - [2017/08/08 02:27:25 | 000,276,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\clfs.sys -- (CLFS)
DRV - [2017/08/08 02:17:09 | 000,459,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spaceport.sys -- (spaceport)
DRV - [2017/07/12 02:56:27 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sdstor.sys -- (sdstor)
DRV - [2017/07/12 02:32:38 | 000,204,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV - [2017/07/07 05:02:38 | 000,092,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pdc.sys -- (pdc)
DRV - [2017/07/04 05:45:50 | 000,112,000 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\wfcre.sys -- (wfcre)
DRV - [2017/06/21 04:51:17 | 000,067,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\stornvme.sys -- (stornvme)
DRV - [2017/06/21 03:53:33 | 000,518,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WdiWiFi.sys -- (wdiwifi)
DRV - [2017/06/07 06:45:56 | 005,667,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtwlans.sys -- (RtlWlans)
DRV - [2017/06/03 06:54:53 | 000,290,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2017/06/03 06:32:39 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicRender.sys -- (BasicRender)
DRV - [2017/04/27 21:20:23 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2017/03/28 02:40:27 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2017/03/04 03:59:36 | 000,055,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\dam.sys -- (dam)
DRV - [2017/03/04 03:52:45 | 000,111,968 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storahci.sys -- (storahci)
DRV - [2017/03/04 03:28:22 | 000,216,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xboxgip.sys -- (xboxgip)
DRV - [2016/11/26 15:49:08 | 000,824,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pmxdrv.sys -- (pmxdrv)
DRV - [2016/11/11 04:45:26 | 000,175,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2016/11/02 08:00:03 | 000,042,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iorate.sys -- (iorate)
DRV - [2016/10/15 00:46:06 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\capimg.sys -- (CapImg)
DRV - [2016/10/15 00:33:33 | 000,188,928 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ahcache.sys -- (ahcache)
DRV - [2016/10/05 06:46:02 | 000,056,672 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\MegaSas2i.sys -- (megasas2i)
DRV - [2016/09/27 03:25:46 | 000,315,400 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUer.sys -- (RTSUER)
DRV - [2016/09/15 14:20:51 | 000,095,072 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\wcifs.sys -- (wcifs)
DRV - [2016/09/07 02:13:09 | 000,101,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2016/08/20 02:15:11 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xinputhid.sys -- (xinputhid)
DRV - [2016/08/20 02:13:17 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthMini.SYS -- (BthMini)
DRV - [2016/08/19 13:41:26 | 000,112,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Nau88L24Rvp.sys -- (Nau88L24Rvp)
DRV - [2016/08/06 01:22:32 | 000,173,408 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\wof.sys -- (Wof)
DRV - [2016/07/16 14:34:31 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2016/07/16 14:34:28 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2016/07/16 05:26:51 | 000,024,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2016/07/16 05:26:02 | 000,244,576 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\WdFilter.sys -- (WdFilter)
DRV - [2016/07/16 05:26:02 | 000,100,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2016/07/16 05:26:02 | 000,037,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\WdBoot.sys -- (WdBoot)
DRV - [2016/07/16 05:25:56 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Ndu.sys -- (Ndu)
DRV - [2016/07/16 05:25:55 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2016/07/16 05:25:55 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mslldp.sys -- (MsLldp)
DRV - [2016/07/16 05:25:51 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\applockerfltr.sys -- (applockerfltr)
DRV - [2016/07/16 05:25:41 | 000,205,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufx01000.sys -- (Ufx01000)
DRV - [2016/07/16 05:25:41 | 000,117,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SerCx2.sys -- (SerCx2)
DRV - [2016/07/16 05:25:41 | 000,086,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV - [2016/07/16 05:25:41 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV - [2016/07/16 05:25:41 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmCx.sys -- (UcmCx0101)
DRV - [2016/07/16 05:25:41 | 000,060,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SpbCx.sys -- (SpbCx)
DRV - [2016/07/16 05:25:41 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SerCx.sys -- (SerCx)
DRV - [2016/07/16 05:25:41 | 000,042,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urscx01000.sys -- (UrsCx01000)
DRV - [2016/07/16 05:25:41 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV - [2016/07/16 05:25:41 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2016/07/16 05:25:41 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV - [2016/07/16 05:25:40 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2016/07/16 05:25:40 | 000,062,976 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\storqosflt.sys -- (storqosflt)
DRV - [2016/07/16 05:25:40 | 000,042,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\condrv.sys -- (condrv)
DRV - [2016/07/16 05:25:31 | 000,033,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2016/07/16 05:25:30 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mmcss.sys -- (MMCSS)
DRV - [2016/07/16 05:25:22 | 000,075,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2016/07/16 05:25:09 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2016/07/16 05:25:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2016/07/16 05:25:07 | 000,135,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2016/07/16 05:25:07 | 000,088,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2016/07/16 05:25:07 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\registry.sys -- (clreg)
DRV - [2016/07/16 05:25:07 | 000,052,736 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wcnfs.sys -- (wcnfs)
DRV - [2016/07/16 05:25:01 | 000,173,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ucx01000.sys -- (Ucx01000)
DRV - [2016/07/16 05:25:01 | 000,091,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpiex.sys -- (acpiex)
DRV - [2016/07/16 05:25:01 | 000,077,312 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\filecrypt.sys -- (FileCrypt)
DRV - [2016/07/16 05:25:01 | 000,062,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV - [2016/07/16 05:25:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2016/07/16 05:25:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Udecx.sys -- (UdeCx)
DRV - [2016/07/16 05:25:01 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhf.sys -- (vhf)
DRV - [2016/07/16 05:24:57 | 000,430,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2016/07/16 05:24:57 | 000,107,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV - [2016/07/16 05:24:57 | 000,075,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV - [2016/07/16 05:24:57 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2016/07/16 05:24:57 | 000,066,560 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iai2c.sys -- (iai2c)
DRV - [2016/07/16 05:24:57 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2016/07/16 05:24:57 | 000,038,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV - [2016/07/16 05:24:57 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidi2c.sys -- (hidi2c)
DRV - [2016/07/16 05:24:57 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV - [2016/07/16 05:24:57 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\buttonconverter.sys -- (buttonconverter)
DRV - [2016/07/16 05:24:57 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2016/07/16 05:24:57 | 000,025,600 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iagpio.sys -- (iagpio)
DRV - [2016/07/16 05:24:57 | 000,022,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urschipidea.sys -- (UrsChipidea)
DRV - [2016/07/16 05:24:57 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV - [2016/07/16 05:24:57 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2016/07/16 05:24:57 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\genericusbfn.sys -- (genericusbfn)
DRV - [2016/07/16 05:24:57 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kdnic.sys -- (kdnic)
DRV - [2016/07/16 05:24:57 | 000,015,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV - [2016/07/16 05:24:55 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2016/07/16 05:24:55 | 000,059,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uaspstor.sys -- (UASPStor)
DRV - [2016/07/16 05:24:55 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storufs.sys -- (storufs)
DRV - [2016/07/16 05:24:55 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\uefi.sys -- (UEFI)
DRV - [2016/07/16 05:24:55 | 000,022,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaiogpio.sys -- (GPIO)
DRV - [2016/07/16 05:24:55 | 000,014,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volume.sys -- (volume)
DRV - [2016/07/16 05:24:55 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpitime.sys -- (acpitime)
DRV - [2016/07/16 05:24:55 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpipagr.sys -- (acpipagr)
DRV - [2016/07/16 05:24:54 | 001,038,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\adp80xx.sys -- (ADP80XX)
DRV - [2016/07/16 05:24:54 | 000,524,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2016/07/16 05:24:54 | 000,089,952 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV - [2016/07/16 05:24:54 | 000,085,856 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\3ware.sys -- (3ware)
DRV - [2016/07/16 05:24:54 | 000,085,856 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV - [2016/07/16 05:24:54 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2016/07/16 05:24:54 | 000,061,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaioi2c.sys -- (iaioi2c)
DRV - [2016/07/16 05:24:54 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\mvumis.sys -- (mvumis)
DRV - [2016/07/16 05:24:54 | 000,054,624 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas3i.sys -- (percsas3i)
DRV - [2016/07/16 05:24:54 | 000,051,552 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas2i.sys -- (percsas2i)
DRV - [2016/07/16 05:24:54 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AcpiDev.sys -- (AcpiDev)
DRV - [2016/07/16 05:24:54 | 000,008,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2016/07/16 05:24:54 | 000,008,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmfn.sys -- (bcmfn)
DRV - [2016/07/16 05:24:53 | 000,042,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelpep.sys -- (intelpep)
DRV - [2016/07/16 05:24:52 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2016/07/16 05:24:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2016/07/16 05:24:52 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_x86_ed148199964e21c5\CompositeBus.sys -- (CompositeBus)
DRV - [2016/07/16 05:24:52 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2016/07/16 05:24:51 | 000,083,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2016/07/16 05:24:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2016/07/16 05:24:51 | 000,039,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2016/07/16 05:24:51 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2016/07/16 05:24:51 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2016/07/16 05:24:51 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2016/07/16 05:24:51 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2016/07/16 05:24:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmgencounter.sys -- (gencounter)
DRV - [2016/07/16 05:24:51 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmgid.sys -- (vmgid)
DRV - [2016/07/16 05:24:51 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2016/04/15 07:27:22 | 000,088,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelBatteryManagement.sys -- (IntelBatteryManagement)
DRV - [2016/04/01 05:25:36 | 000,631,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\isstrtc.sys -- (IntelSST)
DRV - [2016/03/10 19:52:30 | 000,034,304 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaisp32.sys -- (iaisp)
DRV - [2016/03/10 19:52:28 | 000,764,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iacamera32.sys -- (camera)
DRV - [2015/12/21 15:38:24 | 006,611,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32lp.sys -- (igfxLP)
DRV - [2015/11/10 23:31:28 | 000,120,120 | ---- | M] (Intel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ISH.sys -- (ISH)
DRV - [2015/11/10 23:31:28 | 000,064,824 | ---- | M] (Intel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ISH_BusDriver.sys -- (ISH_BusDriver)
DRV - [2015/11/10 23:31:28 | 000,042,296 | ---- | M] (Intel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HID_PCI.sys -- (HID_PCI)
DRV - [2015/11/10 22:16:52 | 000,075,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iai2ce.sys -- (iai2ce)
DRV - [2015/10/30 02:44:28 | 000,254,976 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtux86w10.sys -- (rtux86w10)
DRV - [2015/09/15 09:52:04 | 000,033,784 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iagpioe.sys -- (iagpioe)
DRV - [2015/08/31 16:13:32 | 000,228,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\esif_lf.sys -- (esif_lf)
DRV - [2015/08/31 16:13:32 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dptf_acpi.sys -- (dptf_acpi)
DRV - [2015/08/31 16:13:32 | 000,048,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dptf_cpu.sys -- (dptf_cpu)
DRV - [2015/07/20 06:36:08 | 000,557,312 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtkUart.sys -- (RtkUart)
DRV - [2015/07/10 06:40:18 | 000,026,592 | ---- | M] (Intel(R) Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MBI.sys -- (MBI)
DRV - [2015/07/10 06:39:52 | 000,020,992 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HidEventFilter.sys -- (HidEventFilter)
DRV - [2015/07/10 06:38:24 | 000,050,176 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iaspie.sys -- (iaspie)
DRV - [2015/07/10 06:37:38 | 000,084,480 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PMIC.sys -- (PMIC)
DRV - [2015/07/09 18:07:50 | 000,089,088 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iauarte.sys -- (iauarte)
DRV - [2015/07/02 12:36:24 | 000,131,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TXEI.sys -- (TXEI)
DRV - [2015/01/08 18:47:02 | 000,248,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV - [2014/11/05 07:03:24 | 000,082,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SileadTouch.sys -- (SileadTouch)
DRV - [2014/04/08 10:33:38 | 000,023,040 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1783744787-610878231-3868220124-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1783744787-610878231-3868220124-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1783744787-610878231-3868220124-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1783744787-610878231-3868220124-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1783744787-610878231-3868220124-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1783744787-610878231-3868220124-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1783744787-610878231-3868220124-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)


CHR - Extension: No name found = C:\Users\Jakeline Neri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Jakeline Neri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\Jakeline Neri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Jakeline Neri\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.4_0\
CHR - Extension: No name found = C:\Users\Jakeline Neri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Jakeline Neri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\Jakeline Neri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6117.717.0.4_0\

O1 HOSTS File: ([2017/09/23 13:07:46 | 000,001,291 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 cpm.paneladmin.pro
O1 - Hosts: 127.0.0.1 publisher.hmdiadmingate.xyz
O1 - Hosts: 127.0.0.1 distribution.hmdiadmingate.xyz
O1 - Hosts: 127.0.0.1 hmdicrewtracksystem.xyz
O1 - Hosts: 127.0.0.1 linkmate.space
O1 - Hosts: 127.0.0.1 space1.adminpressure.space
O1 - Hosts: 127.0.0.1 trackpressure.website
O1 - Hosts: 127.0.0.1 doctorlink.space
O1 - Hosts: 127.0.0.1 plugpackdownload.net
O1 - Hosts: 127.0.0.1 texttotalk.org
O1 - Hosts: 127.0.0.1 gambling577.xyz
O1 - Hosts: 127.0.0.1 htagdownload.space
O1 - Hosts: 127.0.0.1 mybcnmonetize.com
O1 - Hosts: 127.0.0.1 360devtraking.website
O1 - Hosts: 127.0.0.1 dscdn.pw
O1 - Hosts: 127.0.0.1 beautifllink.xyz
O4 - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\WINDOWS\System32\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\WINDOWS\System32\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [0f1a3hav2a2] "C:\Users\Jakeline Neri\AppData\Roaming\gm5nxhnhcjj\ruc1y1nzokk.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [1ch3rbqtfc4] "C:\Users\Jakeline Neri\AppData\Roaming\2g5bm4qpfl0\mvnhiiilhvb.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [1o0jz53bnmq] "C:\Users\Jakeline Neri\AppData\Roaming\py2e2icwq1o\pubfreyaxz1.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [23m01aiqfv3] "C:\Users\Jakeline Neri\AppData\Roaming\eu55zz1xd1e\en4b5dsgwbd.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [5v1wjojtyym] "C:\Users\Jakeline Neri\AppData\Roaming\ekmktdlspd4\vdms25sn43a.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [bvhufbxggjt] "C:\Users\Jakeline Neri\AppData\Roaming\aiempx04hqx\cbioritie11.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [deim42uhcpg] "C:\Users\Jakeline Neri\AppData\Roaming\nnsxmofd4ji\f2xfpozqp2b.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [FrostyDarkness] "C:\WINDOWS\rss\csrss.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [mytk2vkmljz] "C:\Users\Jakeline Neri\AppData\Roaming\k3ykm3y3y0s\mscgjduhpmo.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [q0wvbuvqs54] "C:\Users\Jakeline Neri\AppData\Roaming\jcjoqxhkpmk\4dptkfulxj4.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [r3yig2rjwi2] "C:\Users\Jakeline Neri\AppData\Roaming\j5mboi5yv3d\5egtsb3czbo.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [xq3y0yfuub4] "C:\Users\Jakeline Neri\AppData\Roaming\0d0tvz5szbp\zvfhvssxk50.exe" File not found
O4 - HKU\S-1-5-21-1783744787-610878231-3868220124-1001..\Run: [yg5r1zouukk] "C:\Users\Jakeline Neri\AppData\Roaming\hemd52dv15c\en122ejavht.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\ProgramData\Windows\System32\Mswapi32.dll ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.136 82.163.142.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{631c14cb-c751-4d10-9e16-9d0b7d7fde08}: DhcpNameServer = 10.0.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9889666b-aa07-46d8-8cc1-029fb37e7ebc}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ed9bd347-eeb0-4a26-a8e1-4b9b2c9b5873}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ed9bd347-eeb0-4a26-a8e1-4b9b2c9b5873}: NameServer = 82.163.143.136 82.163.142.138
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Arquivos de Programas\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Arquivos de Programas\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Arquivos de Programas\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Arquivos de Programas\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Arquivos de Programas\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/10/30 02:47:01 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/10/04 21:10:02 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Local\Mozilla
[2017/10/04 21:08:02 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\Mozilla
[2017/10/03 15:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\c00a82eb-2bd7-1
[2017/10/03 15:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\c00a82eb-2503-0
[2017/10/03 15:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\{4264D45F-F5CF-63F4-8633-B0B45EF92C60}
[2017/10/03 15:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\9ca10ce2
[2017/10/03 15:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\{BF5C86D2-08F7-3179-7F80-222CE56664BF}
[2017/10/03 15:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{67df13be-512c-0}
[2017/10/03 15:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{60872c06-712c-1}
[2017/10/03 12:30:09 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\FeedbackHub
[2017/09/30 13:33:18 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Local Settings
[2017/09/30 13:33:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tmp
[2017/09/30 13:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows
[2017/09/29 16:49:00 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\Modelos Personalizados do Office
[2017/09/29 16:09:35 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\excdir
[2017/09/29 10:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\rempl
[2017/09/26 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\6º p
[2017/09/23 16:54:40 | 001,130,328 | ---- | C] (Google Inc.) -- C:\Users\Jakeline Neri\ChromeSetup.exe
[2017/09/23 16:25:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware
[2017/09/23 15:09:03 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\PROGRAMAS
[2017/09/23 15:08:57 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\pra valer
[2017/09/23 15:03:23 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\OBSTETRICIA
[2017/09/23 15:02:25 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\LIVROS
[2017/09/23 15:02:25 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\lasac
[2017/09/23 15:02:24 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\COMISSÃO
[2017/09/23 15:02:22 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\RESTURANTE
[2017/09/23 15:02:22 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\certificado
[2017/09/23 15:02:22 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Documents\ALUGUEL
[2017/09/23 14:00:18 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Local\AVAST Software
[2017/09/23 13:56:40 | 000,000,000 | -H-D | C] -- C:\$AV_ASW
[2017/09/23 12:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\57K3935N6E
[2017/09/23 12:35:52 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\2g5bm4qpfl0
[2017/09/23 12:35:42 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\vnlgp
[2017/09/23 12:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\2VPYF6YL7M
[2017/09/23 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\hemd52dv15c
[2017/09/23 12:30:24 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\22ylq44ua3r
[2017/09/23 12:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2017/09/23 12:20:46 | 006,903,192 | ---- | C] (AVAST Software) -- C:\avast_free_antivirus_setup_online_b1d.exe
[2017/09/23 12:13:02 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Local\TempOfficeC2RA8167DD3-B161-4EDC-A2D1-2D2CC0149E10
[2017/09/23 01:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\e31c4d5e3ab6ec602570d1474d5152bf
[2017/09/23 01:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\ICBaloCIDxXU2
[2017/09/23 01:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\CKCpTyVyQIE
[2017/09/23 01:52:49 | 000,000,000 | ---D | C] -- C:\Program Files\TQoarIXzU
[2017/09/23 01:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\JOX59JAYKB
[2017/09/23 01:51:43 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\rr5cdmb4c0k
[2017/09/23 01:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\JYIZAVXGVQ
[2017/09/23 01:50:47 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\k3ykm3y3y0s
[2017/09/23 01:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\GridinSoft
[2017/09/23 01:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Anti-Malware
[2017/09/23 00:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\8LL0BUMUJ3
[2017/09/23 00:53:04 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\ekmktdlspd4
[2017/09/23 00:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\0QV2O0K7VA
[2017/09/23 00:52:12 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\j5mboi5yv3d
[2017/09/23 00:47:16 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2017/09/23 00:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\97OC4XAXHB
[2017/09/23 00:30:23 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\eu55zz1xd1e
[2017/09/23 00:28:45 | 000,000,000 | ---D | C] -- C:\Program Files\RWB27U8T1V
[2017/09/23 00:28:37 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\1s1xgtfnejp
[2017/09/23 00:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\8PT789WWXR
[2017/09/22 23:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\PHZ6WR7JKZ
[2017/09/22 23:22:23 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\sei5g0buycy
[2017/09/22 23:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\35NFIMRJVY
[2017/09/22 23:21:32 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\frkw4zl5vfs
[2017/09/22 18:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\FYXPEOAQ7K
[2017/09/22 18:32:44 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\ytxfyeiqgdd
[2017/09/22 18:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\69Q78WAXXM
[2017/09/22 18:18:30 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\nnsxmofd4ji
[2017/09/22 17:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\YAQ7ZJD37Z
[2017/09/22 17:48:24 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\py2e2icwq1o
[2017/09/22 17:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\JT34XLZYON
[2017/09/22 17:42:30 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\aiempx04hqx
[2017/09/22 17:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\R6Q2G0RBRL
[2017/09/22 17:15:33 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\gm5nxhnhcjj
[2017/09/22 17:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\0LWSQEDJEO
[2017/09/22 17:14:19 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\jcjoqxhkpmk
[2017/09/22 17:14:19 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\Enigma Software Group
[2017/09/22 17:14:09 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Start Menu
[2017/09/22 17:12:44 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2017/09/22 17:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\RWTB9CNQCQ
[2017/09/22 17:02:58 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\0d0tvz5szbp
[2017/09/22 16:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2017/09/22 16:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\l1V3kI6Yjo
[2017/09/22 16:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\79e38450-74f3-1
[2017/09/22 16:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\79e38450-49e5-0
[2017/09/22 16:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\25ZPGDXIAA
[2017/09/22 16:24:49 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\qbfzxwvrhkv
[2017/09/22 16:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\SEBDYW1HEK
[2017/09/22 16:23:16 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\hh34yxzeabl
[2017/09/22 16:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\4c79ec3d-7dc7-0
[2017/09/22 16:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\4c79ec3d-7305-1
[2017/09/22 16:05:57 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\Google
[2017/09/22 16:02:24 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\EpicNet Inc
[2017/09/22 16:00:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\rss
[2017/09/22 15:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\RXNII0Q4QB
[2017/09/22 15:57:15 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\yqgpicohzqd
[2017/09/22 15:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\4o8xIm4hDO
[2017/09/22 15:24:57 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\Easeware
[2017/09/22 15:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\KNR16VCR0T
[2017/09/22 15:24:38 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\vyp2jtfzn1g
[2017/09/22 15:23:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\XMUpdate
[2017/09/22 15:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\2XOMMSQFRW
[2017/09/22 15:23:12 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\mfjwxwo3whk
[2017/09/22 15:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\SDownloader
[2017/09/22 15:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\I8U3J1MY7T
[2017/09/22 15:21:58 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\qzybidocxzw
[2017/09/22 15:21:34 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Roaming\WMPNetworkAcSvc
[2017/09/22 15:18:00 | 000,000,000 | ---D | C] -- C:\Microsoft
[2017/09/22 15:17:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SSL
[2017/09/22 15:16:38 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\AppData\Local\PCBooster
[2017/09/21 14:11:02 | 000,066,872 | ---- | C] (WJICLT) -- C:\WINDOWS\System32\drivers\de61998a1bc81b5710edb3b023b327b8.sys
[2017/09/21 00:23:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\KMSServerService
[2017/09/21 00:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2017/09/20 22:55:37 | 000,000,000 | ---D | C] -- C:\Users\Jakeline Neri\Desktop\Office 2016 Online
[2017/09/19 05:52:30 | 000,027,408 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\gtkdrv.sys
[2017/09/18 08:22:12 | 000,086,296 | ---- | C] (Driver Lace 514) -- C:\WINDOWS\System32\drivers\Lace_wpf_x86.sys
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/10/04 20:57:28 | 000,002,299 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome Beta.lnk
[2017/10/04 20:30:53 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017/10/04 12:06:38 | 003,725,934 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2017/10/04 12:06:38 | 001,364,872 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2017/10/04 12:06:38 | 001,026,084 | ---- | M] () -- C:\WINDOWS\System32\prfh0416.dat
[2017/10/04 12:06:38 | 000,659,858 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2017/10/04 12:06:38 | 000,583,548 | ---- | M] () -- C:\WINDOWS\System32\prfc0416.dat
[2017/10/04 12:03:04 | 000,000,180 | ---- | M] () -- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2017/10/04 12:02:41 | 000,031,033 | ---- | M] () -- C:\WINDOWS\3d39ef4bd441299ef70c920f6d62dc16.ps1
[2017/10/04 12:02:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2017/10/04 12:02:18 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2017/10/04 12:02:09 | 413,601,792 | -HS- | M] () -- C:\hiberfil.sys
[2017/10/04 12:01:42 | 003,932,160 | -H-- | M] () -- C:\Users\Jakeline Neri\NTUSER.DAT
[2017/10/04 12:01:40 | 000,119,154 | -H-- | M] () -- C:\Users\Jakeline Neri\AppData\Local\IconCache.db
[2017/10/03 17:05:56 | 000,006,864 | ---- | M] () -- C:\Users\Jakeline Neri\Desktop\images (4).jpg
[2017/10/03 17:05:55 | 000,016,261 | ---- | M] () -- C:\Users\Jakeline Neri\Desktop\nocanvas_demir-eksikligi-anemisi-ve-vitamin-eksikligi-anemisi-arasindaki-farklar-dxfjt.jpg
[2017/10/03 17:05:54 | 000,021,949 | ---- | M] () -- C:\Users\Jakeline Neri\Desktop\images (1).jpg
[2017/10/01 21:31:59 | 000,000,017 | ---- | M] () -- C:\Users\Jakeline Neri\AppData\Local\resmon.resmoncfg
[2017/09/23 17:08:15 | 000,000,000 | -H-- | M] () -- C:\Users\Jakeline Neri\Documents\Default.rdp
[2017/09/23 13:47:35 | 000,055,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\lpsport.sys
[2017/09/23 12:37:42 | 000,000,004 | ---- | M] () -- C:\ProgramData\abl.3ets
[2017/09/23 00:54:17 | 000,000,034 | ---- | M] () -- C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
[2017/09/23 00:27:23 | 000,524,288 | -HS- | M] () -- C:\Users\Jakeline Neri\NTUSER.DAT{a9f7ed0d-52f6-11e7-ac78-ae2cd5bf4233}.TMContainer00000000000000000002.regtrans-ms
[2017/09/23 00:27:23 | 000,065,536 | -HS- | M] () -- C:\Users\Jakeline Neri\NTUSER.DAT{a9f7ed0d-52f6-11e7-ac78-ae2cd5bf4233}.TM.blf
[2017/09/23 00:27:04 | 000,001,632 | ---- | M] () -- C:\EsgInstallerResumeAction_5618b9ca69eec88e719112da87672fda
[2017/09/22 16:45:29 | 000,000,002 | ---- | M] () -- C:\END
[2017/09/22 16:00:57 | 000,007,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\Winmon.sys
[2017/09/22 15:24:44 | 000,140,800 | ---- | M] () -- C:\Users\Jakeline Neri\AppData\Local\installer.dat
[2017/09/22 15:24:44 | 000,011,568 | ---- | M] () -- C:\Users\Jakeline Neri\AppData\Local\InstallationConfiguration.xml
[2017/09/21 14:11:02 | 000,406,016 | ---- | M] () -- C:\WINDOWS\41ff7355079cbc2798a3623dc82001a1.exe
[2017/09/21 14:11:02 | 000,066,872 | ---- | M] (WJICLT) -- C:\WINDOWS\System32\drivers\de61998a1bc81b5710edb3b023b327b8.sys
[2017/09/21 14:11:02 | 000,051,618 | ---- | M] () -- C:\WINDOWS\uninstaller.dat
[2017/09/19 05:52:30 | 000,027,408 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\gtkdrv.sys
[2017/09/18 08:22:12 | 000,086,296 | ---- | M] (Driver Lace 514) -- C:\WINDOWS\System32\drivers\Lace_wpf_x86.sys
[2017/09/17 19:41:28 | 000,003,817 | ---- | M] () -- C:\Users\Jakeline Neri\Documents\perguntas jake oftalmo.rtf
[2017/09/17 19:41:28 | 000,003,817 | ---- | M] () -- C:\Users\Jakeline Neri\Desktop\perguntas jake oftalmo.rtf
[2017/09/15 16:23:36 | 000,341,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2017/09/07 03:29:35 | 002,048,496 | ---- | M] () -- C:\WINDOWS\System32\CoreUIComponents.dll
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/10/03 17:05:55 | 000,016,261 | ---- | C] () -- C:\Users\Jakeline Neri\Desktop\nocanvas_demir-eksikligi-anemisi-ve-vitamin-eksikligi-anemisi-arasindaki-farklar-dxfjt.jpg
[2017/10/03 17:05:55 | 000,006,864 | ---- | C] () -- C:\Users\Jakeline Neri\Desktop\images (4).jpg
[2017/10/03 17:05:54 | 000,021,949 | ---- | C] () -- C:\Users\Jakeline Neri\Desktop\images (1).jpg
[2017/10/03 15:34:08 | 000,002,311 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome Beta.lnk
[2017/10/03 15:34:08 | 000,002,299 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome Beta.lnk
[2017/10/01 21:31:59 | 000,000,017 | ---- | C] () -- C:\Users\Jakeline Neri\AppData\Local\resmon.resmoncfg
[2017/09/26 11:55:01 | 000,003,817 | ---- | C] () -- C:\Users\Jakeline Neri\Documents\perguntas jake oftalmo.rtf
[2017/09/23 17:08:15 | 000,000,000 | -H-- | C] () -- C:\Users\Jakeline Neri\Documents\Default.rdp
[2017/09/23 13:47:35 | 000,055,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\lpsport.sys
[2017/09/23 12:37:42 | 000,000,004 | ---- | C] () -- C:\ProgramData\abl.3ets
[2017/09/23 00:27:04 | 000,001,632 | ---- | C] () -- C:\EsgInstallerResumeAction_5618b9ca69eec88e719112da87672fda
[2017/09/22 16:00:57 | 000,007,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\Winmon.sys
[2017/09/22 15:25:24 | 000,000,002 | ---- | C] () -- C:\END
[2017/09/22 15:24:44 | 000,140,800 | ---- | C] () -- C:\Users\Jakeline Neri\AppData\Local\installer.dat
[2017/09/22 15:24:44 | 000,011,568 | ---- | C] () -- C:\Users\Jakeline Neri\AppData\Local\InstallationConfiguration.xml
[2017/09/22 15:23:17 | 000,000,034 | ---- | C] () -- C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
[2017/09/22 15:18:13 | 000,031,033 | ---- | C] () -- C:\WINDOWS\3d39ef4bd441299ef70c920f6d62dc16.ps1
[2017/09/21 14:11:02 | 000,406,016 | ---- | C] () -- C:\WINDOWS\41ff7355079cbc2798a3623dc82001a1.exe
[2017/09/21 14:11:02 | 000,051,618 | ---- | C] () -- C:\WINDOWS\uninstaller.dat
[2017/09/17 19:41:28 | 000,003,817 | ---- | C] () -- C:\Users\Jakeline Neri\Desktop\perguntas jake oftalmo.rtf
[2017/09/12 18:16:07 | 002,048,496 | ---- | C] () -- C:\WINDOWS\System32\CoreUIComponents.dll
[2017/09/04 01:07:17 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2017/08/30 23:06:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\SECOH-QAD.exe
[2017/08/30 23:06:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\SECOH-QAD.dll
[2017/08/10 15:42:50 | 000,518,144 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2017/07/11 17:28:48 | 000,265,728 | ---- | C] () -- C:\WINDOWS\System32\Windows.Perception.Stub.dll
[2017/07/04 05:45:50 | 000,112,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\wfcre.sys
[2017/06/16 23:58:03 | 000,119,154 | -H-- | C] () -- C:\Users\Jakeline Neri\AppData\Local\IconCache.db
[2017/06/16 22:14:31 | 000,000,020 | -HS- | C] () -- C:\Users\Jakeline Neri\ntuser.ini
[2017/06/16 22:05:39 | 000,021,528 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2017/06/16 21:53:47 | 000,524,288 | -HS- | C] () -- C:\Users\Jakeline Neri\NTUSER.DAT{a9f7ed0d-52f6-11e7-ac78-ae2cd5bf4233}.TMContainer00000000000000000002.regtrans-ms
[2017/06/16 21:53:47 | 000,524,288 | -HS- | C] () -- C:\Users\Jakeline Neri\NTUSER.DAT{a9f7ed0d-52f6-11e7-ac78-ae2cd5bf4233}.TMContainer00000000000000000001.regtrans-ms
[2017/06/16 21:53:47 | 000,065,536 | -HS- | C] () -- C:\Users\Jakeline Neri\NTUSER.DAT{a9f7ed0d-52f6-11e7-ac78-ae2cd5bf4233}.TM.blf
[2017/06/16 21:53:46 | 003,932,160 | -H-- | C] () -- C:\Users\Jakeline Neri\NTUSER.DAT
[2017/06/16 21:49:56 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2017/06/16 21:48:50 | 000,341,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2017/06/12 22:28:05 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2016/11/26 15:49:08 | 000,824,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\pmxdrv.sys
[2016/11/26 14:38:36 | 000,082,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\SileadTouch.sys
[2016/11/26 14:34:26 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\ContinuumService-v1.0.4.exe
[2016/11/26 14:33:34 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2016/11/26 14:33:34 | 000,044,760 | ---- | C] () -- C:\WINDOWS\runSW.exe
[2016/11/26 14:32:59 | 000,050,924 | ---- | C] () -- C:\WINDOWS\System32\rtl8723b_mp_bt40_fw_asic_rom_patch.bin
[2016/11/26 14:32:59 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\rtl8723b_config.bin
[2016/11/26 14:28:47 | 000,112,720 | ---- | C] () -- C:\WINDOWS\System32\drivers\Nau88L24Rvp.sys
[2016/11/26 14:14:23 | 000,861,160 | ---- | C] () -- C:\WINDOWS\System32\igfxSDK.exe
[2016/11/26 14:14:23 | 000,415,720 | ---- | C] () -- C:\WINDOWS\System32\igfxTray.exe
[2016/11/26 14:14:23 | 000,102,904 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxSDKLibv2_0.dll
[2016/11/26 14:14:23 | 000,092,152 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxSDKLib.dll
[2016/11/26 14:14:23 | 000,089,080 | ---- | C] () -- C:\WINDOWS\System32\igfxCUIServicePS.dll
[2016/11/26 14:14:23 | 000,086,520 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDHLibv2_0.dll
[2016/11/26 14:14:23 | 000,074,744 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDHLib.dll
[2016/11/26 14:14:23 | 000,020,472 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDILibv2_0.dll
[2016/11/26 14:14:23 | 000,020,472 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxDILib.dll
[2016/11/26 14:14:23 | 000,018,936 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxEMLibv2_0.dll
[2016/11/26 14:14:23 | 000,018,936 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxEMLib.dll
[2016/11/26 14:14:23 | 000,013,816 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxLHMLibv2_0.dll
[2016/11/26 14:14:23 | 000,013,816 | ---- | C] ( ) -- C:\WINDOWS\System32\igfxLHMLib.dll
[2016/11/26 14:14:21 | 005,797,102 | ---- | C] () -- C:\WINDOWS\System32\igdclbif.bin
[2016/11/26 14:14:18 | 000,511,260 | ---- | C] () -- C:\WINDOWS\System32\cp_resources.bin
[2016/11/26 14:14:18 | 000,000,935 | ---- | C] () -- C:\WINDOWS\System32\Gfxv4_0.exe.config
[2016/11/26 14:14:18 | 000,000,935 | ---- | C] () -- C:\WINDOWS\System32\DPTopologyApp.exe.config
[2016/11/26 14:14:18 | 000,000,895 | ---- | C] () -- C:\WINDOWS\System32\Gfxv2_0.exe.config
[2016/11/26 14:14:18 | 000,000,895 | ---- | C] () -- C:\WINDOWS\System32\DPTopologyAppv2_0.exe.config
[2016/11/26 14:14:14 | 012,453,888 | ---- | C] () -- C:\WINDOWS\System32\pvl.dll
[2016/11/26 14:14:13 | 012,476,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\isp_firmware.bin
[2016/11/26 14:14:13 | 009,360,896 | ---- | C] () -- C:\WINDOWS\System32\libia_cp.dll
[2016/11/26 14:14:08 | 000,949,908 | ---- | C] () -- C:\WINDOWS\System32\drivers\realtek_fw_sst.bin
[2016/11/26 14:14:08 | 000,631,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\isstrtc.sys
[2016/11/26 14:11:23 | 003,725,934 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2016/07/16 14:32:04 | 001,026,084 | ---- | C] () -- C:\WINDOWS\System32\prfh0416.dat
[2016/07/16 14:32:04 | 000,583,548 | ---- | C] () -- C:\WINDOWS\System32\prfc0416.dat
[2016/07/16 14:32:04 | 000,328,278 | ---- | C] () -- C:\WINDOWS\System32\prfi0416.dat
[2016/07/16 14:32:04 | 000,040,752 | ---- | C] () -- C:\WINDOWS\System32\prfd0416.dat
[2016/07/16 05:31:24 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2016/07/16 05:31:24 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2016/07/16 05:31:21 | 001,364,872 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2016/07/16 05:31:21 | 000,659,858 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2016/07/16 05:30:03 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2016/07/16 05:30:03 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2016/07/16 05:25:59 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2016/07/16 05:25:57 | 000,060,124 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2016/07/16 05:25:51 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\GamePanelExternalHook.dll
[2016/07/16 05:25:50 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\IHDS.dll
[2016/07/16 05:25:49 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2016/07/16 05:25:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2016/07/16 05:25:30 | 004,227,116 | ---- | C] () -- C:\WINDOWS\System32\DefaultHrtfs.bin
[2016/07/16 05:25:30 | 000,304,640 | ---- | C] () -- C:\WINDOWS\System32\HrtfApo.dll
[2016/07/16 05:25:30 | 000,149,044 | ---- | C] () -- C:\WINDOWS\System32\LargeRoom.bin
[2016/07/16 05:25:30 | 000,110,024 | ---- | C] () -- C:\WINDOWS\System32\MediumRoom.bin
[2016/07/16 05:25:30 | 000,069,776 | ---- | C] () -- C:\WINDOWS\System32\SmallRoom.bin
[2016/07/16 05:25:30 | 000,046,908 | ---- | C] () -- C:\WINDOWS\System32\OutdoorAudioEnvironment.bin
[2016/07/16 05:25:21 | 000,056,119 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2016/07/16 05:25:08 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2016/07/16 05:25:08 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/07/16 05:25:08 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\VpnSohDesktop.dll
[2016/07/16 05:25:08 | 000,002,307 | ---- | C] () -- C:\WINDOWS\System32\WimBootCompress.ini
[2016/07/16 05:25:07 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\ism32k.dll
[2016/07/16 05:25:07 | 000,167,640 | ---- | C] () -- C:\WINDOWS\System32\chs_singlechar_pinyin.dat
[2016/07/16 05:25:01 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\NetAdapterCx.sys
[2015/10/30 02:48:46 | 000,000,219 | ---- | C] () -- C:\WINDOWS\system.ini
[2015/10/30 02:48:46 | 000,000,092 | ---- | C] () -- C:\WINDOWS\win.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017/09/07 03:21:38 | 005,722,320 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 05:25:47 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2016/07/16 05:25:47 | 000,404,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
"DefaultConnectionSettings" = 46 00 00 00 BF 00 00 00 0B 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 07 00 00 00 3C 6C 6F 63 61 6C 3E 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"SavedLegacySettings" = 46 00 00 00 8D 06 00 00 0B 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 30 38 30 07 00 00 00 3C 6C 6F 63 61 6C 3E 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

< End of report >
