OTL.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 30/11/2017 23:05:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\fauquant\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18838)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,44 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 59,35% Memory free
4,75 Gb Paging File | 3,21 Gb Available in Paging File | 67,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,15 Gb Total Space | 423,74 Gb Free Space | 92,89% Space Free | Partition Type: NTFS
Drive D: | 457,11 Gb Total Space | 456,96 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: PC-SALON | User Name: fauquant | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/11/30 23:02:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\fauquant\Desktop\OTL.exe
PRC - [2017/09/27 19:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/20 11:28:58 | 000,524,944 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
PRC - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/07/04 18:57:44 | 000,990,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2017/11/27 20:16:45 | 001,628,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2017/11/27 20:16:44 | 000,361,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2017/11/27 20:16:44 | 000,119,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2017/11/27 20:16:40 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2017/11/27 20:16:22 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2017/11/27 20:16:16 | 000,840,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2017/11/27 20:00:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2017/11/27 19:59:41 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2017/11/27 19:58:36 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2017/11/27 19:58:01 | 001,673,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2017/11/27 19:49:35 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2017/11/27 19:48:33 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/06/07 21:32:07 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2015/05/12 14:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/11/21 00:19:54 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/11/21 00:19:03 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/11/21 00:19:00 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:55 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:55 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:51 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:42 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:41 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:41 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:40 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:37 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:32 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:32 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:32 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:31 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:27 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:27 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:27 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:16 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:16 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:16 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:16 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:16 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:16 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:16 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/11/21 00:18:01 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/11/21 00:17:55 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/07/21 22:04:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014/07/04 21:33:34 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2013/01/18 13:35:18 | 000,660,040 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2017/11/27 19:49:35 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2017/11/11 04:03:53 | 000,326,144 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\NIS.exe -- (NIS)
SRV - [2017/09/27 19:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/06/07 21:32:07 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/11/21 00:19:24 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/11/21 00:18:02 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/08/15 11:44:50 | 003,943,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2017/11/27 21:37:09 | 000,102,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2017/11/27 20:32:26 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2017/11/27 20:32:26 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2017/11/27 20:21:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:44 | 000,274,776 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:44 | 000,117,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:44 | 000,046,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:23 | 000,922,968 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:17 | 000,376,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:16 | 000,422,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:16 | 000,086,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2017/11/27 20:16:16 | 000,057,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2017/11/27 20:05:14 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2017/11/27 20:04:35 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2017/11/27 20:00:24 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2017/11/27 19:58:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2017/11/27 19:56:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2017/11/27 19:55:27 | 000,468,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2017/11/27 19:53:30 | 000,072,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2017/11/11 00:31:25 | 000,566,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\160B020.007\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2017/11/11 00:31:06 | 001,938,584 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\160B020.007\symefasi64.sys -- (SymEFASI)
DRV:[b]64bit:[/b] - [2017/11/11 00:31:06 | 000,024,608 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NISx64\160B020.007\symelam.sys -- (SymELAM)
DRV:[b]64bit:[/b] - [2017/11/11 00:29:34 | 000,309,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\160B020.007\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2017/11/11 00:28:36 | 000,187,544 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\160B020.007\ccsetx64.sys -- (ccSet_NIS)
DRV:[b]64bit:[/b] - [2017/11/11 00:28:12 | 000,812,696 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\160B020.007\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2017/11/11 00:28:12 | 000,049,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\160B020.007\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2017/11/08 16:55:00 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2015/08/05 11:16:44 | 003,860,224 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RtlWlanu)
DRV:[b]64bit:[/b] - [2014/11/21 00:20:09 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/11/21 00:19:56 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/11/21 00:19:54 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/11/21 00:18:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/11/21 00:18:51 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/11/21 00:18:51 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/11/21 00:18:36 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/11/21 00:17:57 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/11/21 00:17:55 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/11/21 00:17:55 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/11/20 23:55:05 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/11/20 23:54:51 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/11/20 23:54:51 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/11/20 23:27:16 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/07/21 22:04:28 | 013,209,088 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014/07/21 22:04:28 | 000,626,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/03/19 11:47:24 | 000,792,648 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2013/02/14 12:41:14 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012/12/21 08:41:42 | 000,258,784 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2012/11/30 07:31:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:[b]64bit:[/b] - [2012/11/30 07:31:00 | 000,080,552 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:[b]64bit:[/b] - [2012/08/28 13:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2012/05/26 01:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA)
DRV:[b]64bit:[/b] - [2012/04/16 13:32:18 | 000,038,504 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtkIOAC60.sys -- (RtkIOAC60)
DRV - [2017/11/25 01:09:44 | 000,508,056 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2017/11/25 01:09:44 | 000,158,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2017/11/24 21:28:31 | 001,056,920 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\22.11.0.41\Definitions\IPSDefs\20171124.001\IDSvia64.sys -- (IDSVia64)
DRV - [2017/11/20 15:08:08 | 001,872,024 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\22.11.0.41\Definitions\BASHDefs\20171120.003\BHDrvx64.sys -- (BHDrvx64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0C4138F2-FF83-45A8-8C84-038432EF278E}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0C4138F2-FF83-45A8-8C84-038432EF278E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0C4138F2-FF83-45A8-8C84-038432EF278E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0C4138F2-FF83-45A8-8C84-038432EF278E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = FF DB 2B 0D BE 67 D3 01 [binary data]
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\..\SearchScopes,DefaultScope = {0C4138F2-FF83-45A8-8C84-038432EF278E}
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\..\SearchScopes\{7CD2117B-D825-426D-B5EE-D057B92499B6}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
IE - HKU\S-1-5-21-3960534284-2636876331-3666670334-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\

O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Norton Identity Safety) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Safety) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe" File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29F52AA4-1975-456B-B699-EBABD29A5AC3}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B57BE79C-B5DA-4704-9AC5-424B0E17DACF}: DhcpNameServer = 89.2.0.1 89.2.0.2
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {89B54F84-762C-3F30-89E8-757610C41D62} - .NET Framework
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {85D0F709-94B1-33F7-B96D-1C968970B191} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/11/30 23:02:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\fauquant\Desktop\OTL.exe
[2017/11/30 22:34:29 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\Programs
[2017/11/30 20:40:49 | 000,000,000 | ---D | C] -- C:\Users\fauquant\Documents\My DAP Downloads
[2017/11/30 20:40:40 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\SpeedBit
[2017/11/30 20:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2017/11/29 21:28:44 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascfg.dll
[2017/11/29 21:28:44 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rascfg.dll
[2017/11/29 21:27:48 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2017/11/29 21:27:48 | 000,136,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2017/11/29 21:27:48 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2017/11/29 21:27:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2017/11/29 21:27:48 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017/11/29 21:27:47 | 001,436,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2017/11/29 21:27:47 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2017/11/29 21:27:47 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdgeoqw.dll
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbdgeoqw.dll
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDAZST.DLL
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDAZST.DLL
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDAZEL.DLL
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDAZEL.DLL
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDAZE.DLL
[2017/11/29 21:25:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDAZE.DLL
[2017/11/29 21:06:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2017/11/29 07:07:29 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2017/11/29 07:07:29 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2017/11/29 06:23:20 | 000,030,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aspnet_counters.dll
[2017/11/29 06:23:16 | 000,029,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aspnet_counters.dll
[2017/11/29 06:22:50 | 000,690,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp120_clr0400.dll
[2017/11/29 06:22:50 | 000,485,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp120_clr0400.dll
[2017/11/29 06:22:50 | 000,018,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll
[2017/11/29 06:22:36 | 000,018,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
[2017/11/29 06:22:16 | 000,993,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr120_clr0400.dll
[2017/11/29 06:22:16 | 000,987,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr120_clr0400.dll
[2017/11/29 06:07:56 | 001,487,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2017/11/29 06:07:54 | 018,825,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2017/11/29 06:07:52 | 015,158,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2017/11/29 06:07:36 | 002,635,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnroll.dll
[2017/11/29 06:07:35 | 000,261,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2017/11/29 06:07:34 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnroll.dll
[2017/11/29 06:07:33 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webio.dll
[2017/11/29 06:07:32 | 003,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2017/11/29 06:07:32 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webio.dll
[2017/11/29 06:07:31 | 003,273,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2017/11/29 06:07:31 | 000,331,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2017/11/29 06:07:31 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Geolocation.dll
[2017/11/29 06:07:31 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2017/11/29 06:07:31 | 000,072,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2017/11/29 06:07:29 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2017/11/29 06:07:29 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2017/11/29 06:07:29 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2017/11/29 06:07:29 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Geolocation.dll
[2017/11/29 06:07:29 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpresult.exe
[2017/11/29 06:07:29 | 000,125,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptxml.dll
[2017/11/29 06:07:29 | 000,099,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptxml.dll
[2017/11/29 06:07:29 | 000,034,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserAccountBroker.exe
[2017/11/29 06:07:29 | 000,030,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountBroker.exe
[2017/11/29 06:07:28 | 000,754,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2017/11/29 06:07:27 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2017/11/29 06:07:27 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hbaapi.dll
[2017/11/29 06:07:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2017/11/29 06:07:26 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpresult.exe
[2017/11/29 06:07:26 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2017/11/29 06:07:25 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecpl.dll
[2017/11/29 06:07:25 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2017/11/29 06:07:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2017/11/29 06:07:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hbaapi.dll
[2017/11/29 06:07:25 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys
[2017/11/29 06:07:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll
[2017/11/29 06:06:51 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2017/11/29 06:06:51 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2017/11/29 06:06:51 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2017/11/29 06:06:33 | 002,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2017/11/29 06:06:33 | 000,605,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017/11/29 06:06:33 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017/11/29 06:06:33 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017/11/29 06:06:33 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017/11/29 06:06:33 | 000,143,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017/11/29 06:06:32 | 001,570,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017/11/29 06:06:32 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017/11/29 06:06:32 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017/11/29 06:06:32 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\centel.dll
[2017/11/29 05:59:50 | 002,755,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017/11/29 05:59:50 | 002,411,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017/11/29 05:59:49 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RestoreOptIn.exe
[2017/11/29 05:59:49 | 000,113,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RestoreOptIn.exe
[2017/11/29 05:59:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2017/11/29 05:59:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2017/11/29 05:58:34 | 000,197,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssenh.dll
[2017/11/29 05:58:33 | 000,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2017/11/29 05:58:18 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2017/11/29 05:58:17 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2017/11/29 05:57:45 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzsync.exe
[2017/11/29 01:27:23 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2017/11/28 23:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2017/11/27 22:16:23 | 000,000,000 | ---D | C] -- C:\Users\fauquant\.swt
[2017/11/27 22:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze
[2017/11/27 22:13:40 | 000,000,000 | ---D | C] -- C:\Users\fauquant\Documents\Vuze Downloads
[2017/11/27 22:13:16 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\Azureus
[2017/11/27 22:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2017/11/27 22:12:01 | 000,091,808 | ---- | C] (Azureus Software, Inc.) -- C:\Users\fauquant\Desktop\VuzeBittorrentClientInstaller.exe
[2017/11/27 21:50:11 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\Diagnostics
[2017/11/27 21:21:13 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\AMD
[2017/11/27 21:17:02 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\Identities
[2017/11/27 21:05:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2017/11/27 20:52:26 | 000,000,000 | --SD | C] -- C:\Users\fauquant\AppData\Roaming\Microsoft
[2017/11/27 20:52:26 | 000,000,000 | R--D | C] -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017/11/27 20:52:26 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Favorites
[2017/11/27 20:52:26 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Documents
[2017/11/27 20:52:26 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Desktop
[2017/11/27 20:52:26 | 000,000,000 | R--D | C] -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017/11/27 20:52:26 | 000,000,000 | R--D | C] -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Voisinage réseau
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Voisinage d'impression
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\AppData\Local\Temporary Internet Files
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\SendTo
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Recent
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Modèles
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Documents\Mes vidéos
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Documents\Mes images
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Mes documents
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Menu Démarrer
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Documents\Ma musique
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Local Settings
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\AppData\Local\Historique
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Cookies
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\Application Data
[2017/11/27 20:52:26 | 000,000,000 | -HSD | C] -- C:\Users\fauquant\AppData\Local\Application Data
[2017/11/27 20:52:26 | 000,000,000 | -H-D | C] -- C:\Users\fauquant\AppData
[2017/11/27 20:52:26 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\Temp
[2017/11/27 20:52:26 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\Microsoft
[2017/11/27 20:52:26 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017/11/27 20:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2017/11/27 20:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2017/11/27 20:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2017/11/27 20:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2017/11/27 20:41:55 | 000,000,000 | ---D | C] -- C:\AMD
[2017/11/27 20:41:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2017/11/27 20:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2017/11/27 20:41:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2017/11/27 20:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2017/11/27 20:40:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2017/11/27 20:38:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[2017/11/27 20:38:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2017/11/27 20:33:39 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcpl.dll
[2017/11/27 20:33:22 | 007,032,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017/11/27 20:33:22 | 006,213,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017/11/27 20:33:22 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2017/11/27 20:33:22 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2017/11/27 20:33:01 | 004,710,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2017/11/27 20:32:27 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2017/11/27 20:32:27 | 000,962,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2017/11/27 20:32:27 | 000,885,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2017/11/27 20:32:27 | 000,801,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2017/11/27 20:32:27 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2017/11/27 20:32:26 | 004,837,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2017/11/27 20:32:26 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2017/11/27 20:32:26 | 001,154,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2017/11/27 20:32:26 | 000,733,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2017/11/27 20:32:26 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2017/11/27 20:32:26 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2017/11/27 20:32:26 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QSHVHOST.DLL
[2017/11/27 20:32:26 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\QSHVHOST.DLL
[2017/11/27 20:32:26 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2017/11/27 20:32:26 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QSVRMGMT.DLL
[2017/11/27 20:32:26 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\QSVRMGMT.DLL
[2017/11/27 20:32:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdiag.dll
[2017/11/27 20:32:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vsstrace.dll
[2017/11/27 20:32:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdiag.dll
[2017/11/27 20:32:26 | 000,058,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2017/11/27 20:32:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kmddsp.tsp
[2017/11/27 20:32:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasmxs.dll
[2017/11/27 20:32:26 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2017/11/27 20:32:26 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kmddsp.tsp
[2017/11/27 20:32:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasmxs.dll
[2017/11/27 20:32:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasser.dll
[2017/11/27 20:32:26 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasser.dll
[2017/11/27 20:32:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventcls.dll
[2017/11/27 20:32:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventcls.dll
[2017/11/27 20:30:57 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2017/11/27 20:29:55 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpsapi.dll
[2017/11/27 20:29:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpsapi.dll
[2017/11/27 20:29:38 | 004,417,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017/11/27 20:29:38 | 002,985,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017/11/27 20:29:38 | 001,491,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2017/11/27 20:29:38 | 001,207,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2017/11/27 20:29:13 | 000,177,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2017/11/27 20:29:13 | 000,148,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2017/11/27 20:28:50 | 002,745,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2017/11/27 20:28:50 | 002,528,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2017/11/27 20:28:50 | 002,450,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVENCOD.DLL
[2017/11/27 20:28:50 | 002,447,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVENCOD.DLL
[2017/11/27 20:28:50 | 002,334,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2017/11/27 20:28:50 | 002,324,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2017/11/27 20:28:50 | 001,877,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2017/11/27 20:28:50 | 001,798,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2017/11/27 20:28:50 | 001,664,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOE.DLL
[2017/11/27 20:28:50 | 001,484,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2017/11/27 20:28:50 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
[2017/11/27 20:28:50 | 001,288,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2017/11/27 20:28:50 | 001,210,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOD.DLL
[2017/11/27 20:28:50 | 001,150,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOE.DLL
[2017/11/27 20:28:50 | 001,115,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2017/11/27 20:28:50 | 001,037,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOD.DLL
[2017/11/27 20:28:50 | 001,010,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOD.DLL
[2017/11/27 20:28:50 | 000,914,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOE.DLL
[2017/11/27 20:28:50 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
[2017/11/27 20:28:50 | 000,850,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2017/11/27 20:28:50 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFWMAAEC.DLL
[2017/11/27 20:28:50 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2017/11/27 20:28:50 | 000,735,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2017/11/27 20:28:50 | 000,700,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2017/11/27 20:28:50 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2017/11/27 20:28:50 | 000,629,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL
[2017/11/27 20:28:50 | 000,584,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2017/11/27 20:28:50 | 000,557,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSDECD.DLL
[2017/11/27 20:28:50 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qdvd.dll
[2017/11/27 20:28:50 | 000,492,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSDECD.DLL
[2017/11/27 20:28:50 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFWMAAEC.DLL
[2017/11/27 20:28:50 | 000,463,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL
[2017/11/27 20:28:50 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSENCD.DLL
[2017/11/27 20:28:50 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSENCD.DLL
[2017/11/27 20:28:50 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2017/11/27 20:28:50 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qdvd.dll
[2017/11/27 20:28:50 | 000,299,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2017/11/27 20:28:50 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksproxy.ax
[2017/11/27 20:28:50 | 000,275,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MPG4DECD.DLL
[2017/11/27 20:28:50 | 000,274,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP43DECD.DLL
[2017/11/27 20:28:50 | 000,250,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MPG4DECD.DLL
[2017/11/27 20:28:50 | 000,248,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP43DECD.DLL
[2017/11/27 20:28:50 | 000,246,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2017/11/27 20:28:50 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksproxy.ax
[2017/11/27 20:28:50 | 000,244,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2017/11/27 20:28:50 | 000,229,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2017/11/27 20:28:50 | 000,203,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2017/11/27 20:28:50 | 000,184,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2017/11/27 20:28:50 | 000,183,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2017/11/27 20:28:50 | 000,116,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2017/11/27 20:28:50 | 000,110,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2017/11/27 20:28:50 | 000,099,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2017/11/27 20:28:50 | 000,090,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devenum.dll
[2017/11/27 20:28:50 | 000,090,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfvdsp.dll
[2017/11/27 20:28:50 | 000,081,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\devenum.dll
[2017/11/27 20:28:50 | 000,076,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfvdsp.dll
[2017/11/27 20:28:01 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoMetadataHandler.dll
[2017/11/27 20:28:01 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
[2017/11/27 20:27:45 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2017/11/27 20:27:00 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2017/11/27 20:27:00 | 000,791,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2017/11/27 20:26:41 | 000,672,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2017/11/27 20:26:41 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017/11/27 20:26:41 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsDatabase.dll
[2017/11/27 20:26:02 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2017/11/27 20:24:30 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2017/11/27 20:24:30 | 001,018,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2017/11/27 20:23:38 | 000,898,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2017/11/27 20:23:38 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2017/11/27 20:23:38 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDec.dll
[2017/11/27 20:23:38 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EncDec.dll
[2017/11/27 20:23:38 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cfgbkend.dll
[2017/11/27 20:23:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cfgbkend.dll
[2017/11/27 20:23:09 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2017/11/27 20:22:23 | 000,363,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ws2_32.dll
[2017/11/27 20:22:07 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017/11/27 20:22:07 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017/11/27 20:21:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2017/11/27 20:21:35 | 000,971,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2017/11/27 20:21:35 | 000,811,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2017/11/27 20:21:35 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2017/11/27 20:21:35 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2017/11/27 20:20:50 | 000,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2017/11/27 20:20:36 | 000,046,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentServer.exe
[2017/11/27 20:20:22 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hhctrl.ocx
[2017/11/27 20:20:22 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hhctrl.ocx
[2017/11/27 20:20:07 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappcfg.dll
[2017/11/27 20:20:07 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapphost.dll
[2017/11/27 20:20:07 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapp3hst.dll
[2017/11/27 20:20:07 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappcfg.dll
[2017/11/27 20:20:07 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapphost.dll
[2017/11/27 20:20:07 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapp3hst.dll
[2017/11/27 20:20:07 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappgnui.dll
[2017/11/27 20:20:07 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappgnui.dll
[2017/11/27 20:19:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsparse.dll
[2017/11/27 20:19:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsparse.dll
[2017/11/27 20:16:45 | 002,513,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2017/11/27 20:16:45 | 001,628,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017/11/27 20:16:45 | 001,495,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2017/11/27 20:16:45 | 000,995,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2017/11/27 20:16:45 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2017/11/27 20:16:45 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2017/11/27 20:16:45 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2017/11/27 20:16:45 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2017/11/27 20:16:45 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2017/11/27 20:16:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msobjs.dll
[2017/11/27 20:16:45 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2017/11/27 20:16:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cmimcext.sys
[2017/11/27 20:16:45 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2017/11/27 20:16:45 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/11/27 20:16:45 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2017/11/27 20:16:45 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2017/11/27 20:16:45 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2017/11/27 20:16:45 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2017/11/27 20:16:45 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2017/11/27 20:16:45 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2017/11/27 20:16:45 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/11/27 20:16:45 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2017/11/27 20:16:44 | 002,881,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2017/11/27 20:16:44 | 000,685,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2017/11/27 20:16:44 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntprint.dll
[2017/11/27 20:16:44 | 000,274,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2017/11/27 20:16:44 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2017/11/27 20:16:44 | 000,117,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2017/11/27 20:16:44 | 000,069,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apisetschema.dll
[2017/11/27 20:16:44 | 000,046,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2017/11/27 20:16:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsdchngr.dll
[2017/11/27 20:16:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2017/11/27 20:16:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2017/11/27 20:16:43 | 003,631,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017/11/27 20:16:43 | 002,749,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017/11/27 20:16:43 | 002,551,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2017/11/27 20:16:43 | 001,920,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2017/11/27 20:16:43 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2017/11/27 20:16:43 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2017/11/27 20:16:43 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2017/11/27 20:16:43 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2017/11/27 20:16:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2017/11/27 20:16:43 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2017/11/27 20:16:42 | 013,317,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017/11/27 20:16:42 | 009,323,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmploc.DLL
[2017/11/27 20:16:42 | 009,323,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmploc.DLL
[2017/11/27 20:16:42 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2017/11/27 20:16:42 | 001,317,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2017/11/27 20:16:42 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2017/11/27 20:16:42 | 000,955,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2017/11/27 20:16:42 | 000,787,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2017/11/27 20:16:42 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2017/11/27 20:16:42 | 000,497,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2017/11/27 20:16:42 | 000,399,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2017/11/27 20:16:42 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2017/11/27 20:16:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2017/11/27 20:16:42 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2017/11/27 20:16:42 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2017/11/27 20:16:42 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2017/11/27 20:16:42 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2017/11/27 20:16:42 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2017/11/27 20:16:41 | 015,431,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017/11/27 20:16:41 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017/11/27 20:16:41 | 000,807,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017/11/27 20:16:41 | 000,662,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017/11/27 20:16:41 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2017/11/27 20:16:41 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017/11/27 20:16:41 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017/11/27 20:16:41 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017/11/27 20:16:41 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017/11/27 20:16:41 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017/11/27 20:16:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017/11/27 20:16:40 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2017/11/27 20:16:40 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017/11/27 20:16:40 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2017/11/27 20:16:40 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2017/11/27 20:16:40 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017/11/27 20:16:39 | 005,979,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017/11/27 20:16:39 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017/11/27 20:16:39 | 002,058,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017/11/27 20:16:39 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2017/11/27 20:16:39 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2017/11/27 20:16:39 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2017/11/27 20:16:39 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2017/11/27 20:16:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2017/11/27 20:16:32 | 012,879,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017/11/27 20:16:32 | 005,270,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017/11/27 20:16:32 | 002,712,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017/11/27 20:16:32 | 001,566,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017/11/27 20:16:32 | 000,954,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2017/11/27 20:16:32 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2017/11/27 20:16:32 | 000,548,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2017/11/27 20:16:32 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2017/11/27 20:16:32 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2017/11/27 20:16:32 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2017/11/27 20:16:32 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2017/11/27 20:16:32 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2017/11/27 20:16:32 | 000,091,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2017/11/27 20:16:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sscore.dll
[2017/11/27 20:16:31 | 005,274,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2017/11/27 20:16:31 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2017/11/27 20:16:31 | 002,464,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2017/11/27 20:16:31 | 001,323,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wdc.dll
[2017/11/27 20:16:31 | 001,108,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2017/11/27 20:16:31 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2017/11/27 20:16:31 | 000,868,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2017/11/27 20:16:31 | 000,837,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2017/11/27 20:16:31 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2017/11/27 20:16:31 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2017/11/27 20:16:31 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2017/11/27 20:16:31 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2017/11/27 20:16:31 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wvc.dll
[2017/11/27 20:16:31 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sysmon.ocx
[2017/11/27 20:16:31 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlansec.dll
[2017/11/27 20:16:31 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2017/11/27 20:16:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPTpm12.dll
[2017/11/27 20:16:31 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprapi.dll
[2017/11/27 20:16:31 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msinfo32.exe
[2017/11/27 20:16:31 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2017/11/27 20:16:31 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2017/11/27 20:16:31 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2017/11/27 20:16:31 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2017/11/27 20:16:31 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scksp.dll
[2017/11/27 20:16:31 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2017/11/27 20:16:31 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastapi.dll
[2017/11/27 20:16:31 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GlobCollationHost.dll
[2017/11/27 20:16:31 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutil.dll
[2017/11/27 20:16:31 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasppp.dll
[2017/11/27 20:16:31 | 000,174,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll
[2017/11/27 20:16:31 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ulib.dll
[2017/11/27 20:16:31 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uudf.dll
[2017/11/27 20:16:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ufat.dll
[2017/11/27 20:16:31 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2017/11/27 20:16:31 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adsmsext.dll
[2017/11/27 20:16:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uexfat.dll
[2017/11/27 20:16:31 | 000,066,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appidapi.dll
[2017/11/27 20:16:31 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2017/11/27 20:16:31 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2017/11/27 20:16:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certenc.dll
[2017/11/27 20:16:31 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cnvfat.dll
[2017/11/27 20:16:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll
[2017/11/27 20:16:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mgmtapi.dll
[2017/11/27 20:16:30 | 000,308,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtapi.dll
[2017/11/27 20:16:30 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2017/11/27 20:16:30 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmitomi.dll
[2017/11/27 20:16:30 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2017/11/27 20:16:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2017/11/27 20:16:29 | 004,298,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017/11/27 20:16:29 | 003,084,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2017/11/27 20:16:29 | 001,753,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2017/11/27 20:16:29 | 001,541,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017/11/27 20:16:29 | 001,384,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017/11/27 20:16:29 | 001,364,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2017/11/27 20:16:29 | 000,537,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017/11/27 20:16:29 | 000,388,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017/11/27 20:16:29 | 000,373,080 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017/11/27 20:16:29 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAnimation.dll
[2017/11/27 20:16:29 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2017/11/27 20:16:29 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2017/11/27 20:16:29 | 000,140,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2017/11/27 20:16:29 | 000,044,032 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2017/11/27 20:16:29 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2017/11/27 20:16:28 | 014,466,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017/11/27 20:16:28 | 007,797,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017/11/27 20:16:28 | 007,078,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2017/11/27 20:16:28 | 003,120,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017/11/27 20:16:28 | 002,779,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2017/11/27 20:16:28 | 002,315,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2017/11/27 20:16:28 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2017/11/27 20:16:28 | 001,763,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017/11/27 20:16:28 | 001,220,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2017/11/27 20:16:28 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2017/11/27 20:16:28 | 000,738,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2017/11/27 20:16:28 | 000,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscms.dll
[2017/11/27 20:16:28 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icm32.dll
[2017/11/27 20:16:28 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2017/11/27 20:16:28 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2017/11/27 20:16:28 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdsdwmdr.dll
[2017/11/27 20:16:27 | 001,095,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2017/11/27 20:16:27 | 000,865,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2017/11/27 20:16:27 | 000,512,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017/11/27 20:16:27 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2017/11/27 20:16:27 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntprint.dll
[2017/11/27 20:16:27 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2017/11/27 20:16:27 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2017/11/27 20:16:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsdchngr.dll
[2017/11/27 20:16:23 | 002,240,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2017/11/27 20:16:23 | 001,674,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2017/11/27 20:16:23 | 001,534,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2017/11/27 20:16:23 | 001,499,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2017/11/27 20:16:23 | 001,370,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2017/11/27 20:16:23 | 001,001,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2017/11/27 20:16:23 | 000,922,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2017/11/27 20:16:23 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2017/11/27 20:16:23 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2017/11/27 20:16:23 | 000,607,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2017/11/27 20:16:23 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017/11/27 20:16:23 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2017/11/27 20:16:23 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2017/11/27 20:16:23 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprapi.dll
[2017/11/27 20:16:23 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2017/11/27 20:16:23 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2017/11/27 20:16:23 | 000,374,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2017/11/27 20:16:23 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2017/11/27 20:16:23 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2017/11/27 20:16:23 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2017/11/27 20:16:23 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasppp.dll
[2017/11/27 20:16:23 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2017/11/27 20:16:23 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastapi.dll
[2017/11/27 20:16:23 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2017/11/27 20:16:23 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2017/11/27 20:16:23 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasman.dll
[2017/11/27 20:16:23 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2017/11/27 20:16:23 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2017/11/27 20:16:23 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2017/11/27 20:16:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2017/11/27 20:16:23 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mgmtapi.dll
[2017/11/27 20:16:22 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2017/11/27 20:16:22 | 002,896,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2017/11/27 20:16:22 | 001,697,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017/11/27 20:16:22 | 001,662,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017/11/27 20:16:22 | 001,501,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017/11/27 20:16:22 | 001,436,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wdc.dll
[2017/11/27 20:16:22 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2017/11/27 20:16:22 | 001,292,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2017/11/27 20:16:22 | 001,200,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2017/11/27 20:16:22 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2017/11/27 20:16:22 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017/11/27 20:16:22 | 000,871,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2017/11/27 20:16:22 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wvc.dll
[2017/11/27 20:16:22 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2017/11/27 20:16:22 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2017/11/27 20:16:22 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tpmvsc.dll
[2017/11/27 20:16:22 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPTpm12.dll
[2017/11/27 20:16:22 | 000,380,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017/11/27 20:16:22 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msinfo32.exe
[2017/11/27 20:16:22 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2017/11/27 20:16:22 | 000,324,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2017/11/27 20:16:22 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GlobCollationHost.dll
[2017/11/27 20:16:22 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2017/11/27 20:16:22 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2017/11/27 20:16:22 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wisp.dll
[2017/11/27 20:16:22 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2017/11/27 20:16:22 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scksp.dll
[2017/11/27 20:16:22 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2017/11/27 20:16:22 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionQueue.dll
[2017/11/27 20:16:22 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2017/11/27 20:16:22 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smbwmiv2.dll
[2017/11/27 20:16:22 | 000,202,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll
[2017/11/27 20:16:22 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidpolicyconverter.exe
[2017/11/27 20:16:22 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2017/11/27 20:16:22 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ulib.dll
[2017/11/27 20:16:22 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2017/11/27 20:16:22 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uudf.dll
[2017/11/27 20:16:22 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2017/11/27 20:16:22 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ufat.dll
[2017/11/27 20:16:22 | 000,118,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2017/11/27 20:16:22 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adsmsext.dll
[2017/11/27 20:16:22 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2017/11/27 20:16:22 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uexfat.dll
[2017/11/27 20:16:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsiwmi.dll
[2017/11/27 20:16:22 | 000,075,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidapi.dll
[2017/11/27 20:16:22 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsidsc.dll
[2017/11/27 20:16:22 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017/11/27 20:16:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xolehlp.dll
[2017/11/27 20:16:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2017/11/27 20:16:22 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certenc.dll
[2017/11/27 20:16:22 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2017/11/27 20:16:22 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cnvfat.dll
[2017/11/27 20:16:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsium.dll
[2017/11/27 20:16:22 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convert.exe
[2017/11/27 20:16:22 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidcertstorecheck.exe
[2017/11/27 20:16:17 | 002,471,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2017/11/27 20:16:17 | 000,420,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtapi.dll
[2017/11/27 20:16:17 | 000,377,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2017/11/27 20:16:17 | 000,376,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2017/11/27 20:16:17 | 000,315,224 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017/11/27 20:16:17 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2017/11/27 20:16:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmitomi.dll
[2017/11/27 20:16:17 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2017/11/27 20:16:17 | 000,121,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys
[2017/11/27 20:16:17 | 000,035,840 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2017/11/27 20:16:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2017/11/27 20:16:16 | 007,439,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017/11/27 20:16:16 | 003,551,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017/11/27 20:16:16 | 002,176,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017/11/27 20:16:16 | 001,968,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017/11/27 20:16:16 | 001,946,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2017/11/27 20:16:16 | 001,737,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2017/11/27 20:16:16 | 001,491,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2017/11/27 20:16:16 | 001,311,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll
[2017/11/27 20:16:16 | 001,135,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017/11/27 20:16:16 | 001,063,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2017/11/27 20:16:16 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswdat10.dll
[2017/11/27 20:16:16 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2017/11/27 20:16:16 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2017/11/27 20:16:16 | 000,803,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017/11/27 20:16:16 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2017/11/27 20:16:16 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017/11/27 20:16:16 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017/11/27 20:16:16 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswstr10.dll
[2017/11/27 20:16:16 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrepl40.dll
[2017/11/27 20:16:16 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxbde40.dll
[2017/11/27 20:16:16 | 000,470,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2017/11/27 20:16:16 | 000,450,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017/11/27 20:16:16 | 000,443,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2017/11/27 20:16:16 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2017/11/27 20:16:16 | 000,422,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2017/11/27 20:16:16 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspbde40.dll
[2017/11/27 20:16:16 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2017/11/27 20:16:16 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll
[2017/11/27 20:16:16 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2017/11/27 20:16:16 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd2x40.dll
[2017/11/27 20:16:16 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjtes40.dll
[2017/11/27 20:16:16 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2017/11/27 20:16:16 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstext40.dll
[2017/11/27 20:16:16 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAnimation.dll
[2017/11/27 20:16:16 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msltus40.dll
[2017/11/27 20:16:16 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wisp.dll
[2017/11/27 20:16:16 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2017/11/27 20:16:16 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2017/11/27 20:16:16 | 000,160,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2017/11/27 20:16:16 | 000,152,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2017/11/27 20:16:16 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2017/11/27 20:16:16 | 000,137,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncrypt.dll
[2017/11/27 20:16:16 | 000,136,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2017/11/27 20:16:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2017/11/27 20:16:16 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2017/11/27 20:16:16 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2017/11/27 20:16:16 | 000,107,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2017/11/27 20:16:16 | 000,086,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2017/11/27 20:16:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjter40.dll
[2017/11/27 20:16:16 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2017/11/27 20:16:16 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsiwmi.dll
[2017/11/27 20:16:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msobjs.dll
[2017/11/27 20:16:16 | 000,057,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2017/11/27 20:16:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsidsc.dll
[2017/11/27 20:16:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscore.dll
[2017/11/27 20:16:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2017/11/27 20:16:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2017/11/27 20:16:16 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2017/11/27 20:16:16 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsium.dll
[2017/11/27 20:16:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjint40.dll
[2017/11/27 20:07:02 | 000,951,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2017/11/27 20:07:02 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2017/11/27 20:07:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UtcResources.dll
[2017/11/27 20:06:07 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2017/11/27 20:05:57 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2017/11/27 20:05:57 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2017/11/27 20:05:40 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2017/11/27 20:05:40 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2017/11/27 20:05:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2017/11/27 20:05:22 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSync.dll
[2017/11/27 20:05:22 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSync.dll
[2017/11/27 20:05:14 | 000,239,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2017/11/27 20:05:14 | 000,154,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2017/11/27 20:05:00 | 000,397,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017/11/27 20:05:00 | 000,340,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017/11/27 20:05:00 | 000,179,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2017/11/27 20:04:43 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeui.exe
[2017/11/27 20:04:35 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2017/11/27 20:04:27 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017/11/27 20:03:46 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWbPrxy.exe
[2017/11/27 20:03:30 | 000,218,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2017/11/27 20:01:27 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2017/11/27 20:01:19 | 001,488,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42u.dll
[2017/11/27 20:01:19 | 001,464,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42.dll
[2017/11/27 20:01:19 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42u.dll
[2017/11/27 20:01:19 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42.dll
[2017/11/27 20:01:01 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2017/11/27 20:01:01 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2017/11/27 20:00:41 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2017/11/27 20:00:24 | 000,155,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2017/11/27 20:00:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcdAutoSetup.dll
[2017/11/27 20:00:10 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017/11/27 19:59:41 | 002,819,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2017/11/27 19:59:41 | 002,592,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2017/11/27 19:59:41 | 002,551,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2017/11/27 19:59:41 | 002,171,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2017/11/27 19:59:41 | 001,348,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017/11/27 19:59:41 | 001,278,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2017/11/27 19:59:41 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2017/11/27 19:59:41 | 000,955,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2017/11/27 19:59:41 | 000,841,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017/11/27 19:59:41 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017/11/27 19:59:41 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2017/11/27 19:59:41 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017/11/27 19:59:41 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hgcpl.dll
[2017/11/27 19:59:41 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hgcpl.dll
[2017/11/27 19:59:41 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017/11/27 19:59:41 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2017/11/27 19:59:41 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2017/11/27 19:59:41 | 000,273,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2017/11/27 19:59:41 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2017/11/27 19:59:41 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2017/11/27 19:59:41 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2017/11/27 19:59:41 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2017/11/27 19:58:49 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2017/11/27 19:58:36 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2017/11/27 19:58:27 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2017/11/27 19:58:07 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rgb9rast.dll
[2017/11/27 19:58:01 | 001,673,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2017/11/27 19:58:01 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2017/11/27 19:57:43 | 000,292,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMASF.DLL
[2017/11/27 19:57:05 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageContextHandler.dll
[2017/11/27 19:57:05 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorageContextHandler.dll
[2017/11/27 19:56:31 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\polstore.dll
[2017/11/27 19:56:31 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\polstore.dll
[2017/11/27 19:56:31 | 000,135,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2017/11/27 19:56:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FwRemoteSvr.dll
[2017/11/27 19:56:31 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FwRemoteSvr.dll
[2017/11/27 19:56:21 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupStatusProvider.dll
[2017/11/27 19:56:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceSetupStatusProvider.dll
[2017/11/27 19:56:12 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2017/11/27 19:56:12 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2017/11/27 19:56:12 | 000,136,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2017/11/27 19:56:03 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\csrsrv.dll
[2017/11/27 19:55:45 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compstui.dll
[2017/11/27 19:55:36 | 001,307,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2017/11/27 19:55:27 | 000,468,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2017/11/27 19:55:27 | 000,027,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2017/11/27 19:55:14 | 001,707,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017/11/27 19:55:14 | 001,344,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2017/11/27 19:55:14 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvut.dll
[2017/11/27 19:55:14 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvut.dll
[2017/11/27 19:55:02 | 000,410,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2017/11/27 19:54:57 | 001,156,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2017/11/27 19:54:57 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2017/11/27 19:54:57 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2017/11/27 19:54:50 | 000,487,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2017/11/27 19:54:50 | 000,393,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2017/11/27 19:54:43 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shacct.dll
[2017/11/27 19:54:43 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shacct.dll
[2017/11/27 19:54:37 | 002,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2017/11/27 19:54:37 | 001,812,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2017/11/27 19:54:23 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2017/11/27 19:54:23 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\schtasks.exe
[2017/11/27 19:54:23 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\schtasks.exe
[2017/11/27 19:54:16 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2017/11/27 19:54:16 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2017/11/27 19:54:10 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\calc.exe
[2017/11/27 19:54:10 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\calc.exe
[2017/11/27 19:54:04 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2017/11/27 19:53:55 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2017/11/27 19:53:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2017/11/27 19:53:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2017/11/27 19:53:30 | 000,072,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys
[2017/11/27 19:53:25 | 000,183,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2017/11/27 19:52:47 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InkEd.dll
[2017/11/27 19:52:46 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InkEd.dll
[2017/11/27 19:52:25 | 000,723,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2017/11/27 19:52:25 | 000,560,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2017/11/27 19:51:53 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys
[2017/11/27 19:51:44 | 002,256,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017/11/27 19:51:44 | 001,943,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017/11/27 19:51:38 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scesrv.dll
[2017/11/27 19:51:38 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scesrv.dll
[2017/11/27 19:51:34 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\atlthunk.dll
[2017/11/27 19:51:14 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxoci.dll
[2017/11/27 19:51:14 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msorcl32.dll
[2017/11/27 19:51:14 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2017/11/27 19:51:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2017/11/27 19:51:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntvdm64.dll
[2017/11/27 19:51:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntvdm64.dll
[2017/11/27 19:51:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2017/11/27 19:51:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\instnm.exe
[2017/11/27 19:51:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wow32.dll
[2017/11/27 19:51:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2017/11/27 19:50:53 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2017/11/27 19:50:53 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2017/11/27 19:49:35 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll
[2017/11/27 19:49:35 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GeofenceMonitorService.dll
[2017/11/27 19:49:25 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017/11/27 19:49:25 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017/11/27 19:48:52 | 001,728,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2017/11/27 19:48:52 | 001,546,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2017/11/27 19:48:43 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\photowiz.dll
[2017/11/27 19:48:43 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\photowiz.dll
[2017/11/27 19:48:33 | 000,531,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017/11/27 19:48:33 | 000,413,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2017/11/27 19:48:33 | 000,372,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2017/11/27 19:48:33 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017/11/27 19:48:33 | 000,108,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2017/11/27 19:48:33 | 000,038,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2017/11/27 19:48:33 | 000,033,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2017/11/27 19:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2017/11/27 19:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2017/11/27 19:46:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2017/11/27 19:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2017/11/27 19:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2017/11/27 19:45:13 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2017/11/27 19:45:12 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2017/11/27 19:44:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2017/11/27 19:44:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2017/11/27 00:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2017/11/26 23:25:49 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\Skype
[2017/11/26 23:25:40 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\Skype
[2017/11/26 23:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2017/11/26 23:25:27 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2017/11/26 23:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2017/11/26 23:25:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2017/11/26 23:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2017/11/26 23:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2017/11/26 23:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2017/11/26 20:13:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\AutoUpdateLicense
[2017/11/26 18:19:40 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\Macromedia
[2017/11/26 02:51:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Migration
[2017/11/26 02:36:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2017/11/26 02:36:34 | 127,017,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2017/11/25 02:40:49 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2017/11/25 02:40:49 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2017/11/25 02:29:30 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\CEF
[2017/11/25 02:29:16 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\CrashDumps
[2017/11/25 02:26:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2017/11/25 02:26:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2017/11/25 02:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2017/11/25 02:23:14 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\Adobe
[2017/11/25 02:08:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2017/11/25 01:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2017/11/25 00:55:13 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\ATI
[2017/11/25 00:55:13 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\ATI
[2017/11/25 00:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2017/11/25 00:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM_YAHOO
[2017/11/25 00:49:35 | 000,000,000 | R--D | C] -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2017/11/25 00:49:35 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Searches
[2017/11/25 00:49:35 | 000,000,000 | R--D | C] -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2017/11/25 00:49:34 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Contacts
[2017/11/25 00:49:34 | 000,000,000 | -H-D | C] -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/11/25 00:49:28 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Roaming\Adobe
[2017/11/25 00:46:32 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\VirtualStore
[2017/11/25 00:46:27 | 000,000,000 | ---D | C] -- C:\Users\fauquant\AppData\Local\Packages
[2017/11/25 00:46:22 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Videos
[2017/11/25 00:46:22 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Saved Games
[2017/11/25 00:46:22 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Pictures
[2017/11/25 00:46:22 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Music
[2017/11/25 00:46:22 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Links
[2017/11/25 00:46:22 | 000,000,000 | R--D | C] -- C:\Users\fauquant\Downloads
[2017/11/25 00:44:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2017/11/25 00:44:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2017/11/25 00:44:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2017/11/25 00:44:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2017/11/25 00:44:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2017/11/25 00:44:04 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2017/11/25 00:44:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2017/11/25 00:43:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/11/30 23:07:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/11/30 23:02:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\fauquant\Desktop\OTL.exe
[2017/11/30 22:50:30 | 001,817,064 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017/11/30 22:50:30 | 000,805,600 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2017/11/30 22:50:30 | 000,723,176 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017/11/30 22:50:30 | 000,156,456 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2017/11/30 22:50:30 | 000,135,732 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017/11/30 22:48:13 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017/11/30 22:46:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017/11/30 22:46:06 | 2950,692,864 | -HS- | M] () -- C:\hiberfil.sys
[2017/11/30 22:37:56 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE
[2017/11/30 19:25:55 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2017/11/29 22:54:56 | 004,585,057 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\Cat.DB
[2017/11/29 21:39:01 | 000,337,928 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017/11/27 22:41:28 | 000,002,439 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2017/11/27 22:16:02 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2017/11/27 22:16:02 | 000,001,822 | ---- | M] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2017/11/27 22:12:02 | 000,091,808 | ---- | M] (Azureus Software, Inc.) -- C:\Users\fauquant\Desktop\VuzeBittorrentClientInstaller.exe
[2017/11/27 21:37:09 | 000,102,600 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2017/11/27 21:37:09 | 000,008,471 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2017/11/27 21:37:09 | 000,000,855 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2017/11/27 21:09:21 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2017/11/27 21:09:21 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2017/11/27 21:08:59 | 000,023,108 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017/11/27 20:41:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2017/11/27 20:41:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2017/11/27 20:33:39 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcpl.dll
[2017/11/27 20:33:22 | 007,032,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017/11/27 20:33:22 | 006,213,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017/11/27 20:33:22 | 001,101,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2017/11/27 20:33:22 | 000,856,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2017/11/27 20:33:01 | 004,710,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2017/11/27 20:32:27 | 001,027,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2017/11/27 20:32:27 | 000,962,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2017/11/27 20:32:27 | 000,885,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2017/11/27 20:32:27 | 000,801,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2017/11/27 20:32:27 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2017/11/27 20:32:26 | 004,837,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2017/11/27 20:32:26 | 001,574,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2017/11/27 20:32:26 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2017/11/27 20:32:26 | 000,733,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2017/11/27 20:32:26 | 000,514,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2017/11/27 20:32:26 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2017/11/27 20:32:26 | 000,211,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QSHVHOST.DLL
[2017/11/27 20:32:26 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\QSHVHOST.DLL
[2017/11/27 20:32:26 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2017/11/27 20:32:26 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QSVRMGMT.DLL
[2017/11/27 20:32:26 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\QSVRMGMT.DLL
[2017/11/27 20:32:26 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdiag.dll
[2017/11/27 20:32:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vsstrace.dll
[2017/11/27 20:32:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdiag.dll
[2017/11/27 20:32:26 | 000,058,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2017/11/27 20:32:26 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kmddsp.tsp
[2017/11/27 20:32:26 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasmxs.dll
[2017/11/27 20:32:26 | 000,039,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2017/11/27 20:32:26 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kmddsp.tsp
[2017/11/27 20:32:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasmxs.dll
[2017/11/27 20:32:26 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasser.dll
[2017/11/27 20:32:26 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasser.dll
[2017/11/27 20:32:26 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventcls.dll
[2017/11/27 20:32:26 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventcls.dll
[2017/11/27 20:30:57 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2017/11/27 20:29:55 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpsapi.dll
[2017/11/27 20:29:55 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpsapi.dll
[2017/11/27 20:29:38 | 004,417,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017/11/27 20:29:38 | 002,985,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017/11/27 20:29:38 | 001,491,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2017/11/27 20:29:38 | 001,207,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2017/11/27 20:29:13 | 000,177,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2017/11/27 20:29:13 | 000,148,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2017/11/27 20:28:50 | 002,745,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2017/11/27 20:28:50 | 002,528,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2017/11/27 20:28:50 | 002,450,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVENCOD.DLL
[2017/11/27 20:28:50 | 002,447,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVENCOD.DLL
[2017/11/27 20:28:50 | 002,334,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2017/11/27 20:28:50 | 002,324,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2017/11/27 20:28:50 | 001,877,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2017/11/27 20:28:50 | 001,798,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2017/11/27 20:28:50 | 001,664,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOE.DLL
[2017/11/27 20:28:50 | 001,484,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2017/11/27 20:28:50 | 001,411,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
[2017/11/27 20:28:50 | 001,288,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2017/11/27 20:28:50 | 001,210,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOD.DLL
[2017/11/27 20:28:50 | 001,150,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOE.DLL
[2017/11/27 20:28:50 | 001,115,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2017/11/27 20:28:50 | 001,037,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOD.DLL
[2017/11/27 20:28:50 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOD.DLL
[2017/11/27 20:28:50 | 000,914,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOE.DLL
[2017/11/27 20:28:50 | 000,887,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
[2017/11/27 20:28:50 | 000,850,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2017/11/27 20:28:50 | 000,743,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFWMAAEC.DLL
[2017/11/27 20:28:50 | 000,736,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2017/11/27 20:28:50 | 000,735,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2017/11/27 20:28:50 | 000,700,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2017/11/27 20:28:50 | 000,644,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2017/11/27 20:28:50 | 000,629,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL
[2017/11/27 20:28:50 | 000,584,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2017/11/27 20:28:50 | 000,557,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSDECD.DLL
[2017/11/27 20:28:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qdvd.dll
[2017/11/27 20:28:50 | 000,492,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSDECD.DLL
[2017/11/27 20:28:50 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFWMAAEC.DLL
[2017/11/27 20:28:50 | 000,463,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL
[2017/11/27 20:28:50 | 000,451,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSENCD.DLL
[2017/11/27 20:28:50 | 000,402,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSENCD.DLL
[2017/11/27 20:28:50 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2017/11/27 20:28:50 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qdvd.dll
[2017/11/27 20:28:50 | 000,299,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2017/11/27 20:28:50 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksproxy.ax
[2017/11/27 20:28:50 | 000,275,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MPG4DECD.DLL
[2017/11/27 20:28:50 | 000,274,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP43DECD.DLL
[2017/11/27 20:28:50 | 000,250,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MPG4DECD.DLL
[2017/11/27 20:28:50 | 000,248,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP43DECD.DLL
[2017/11/27 20:28:50 | 000,246,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2017/11/27 20:28:50 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksproxy.ax
[2017/11/27 20:28:50 | 000,244,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2017/11/27 20:28:50 | 000,229,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2017/11/27 20:28:50 | 000,203,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2017/11/27 20:28:50 | 000,184,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2017/11/27 20:28:50 | 000,183,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2017/11/27 20:28:50 | 000,116,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2017/11/27 20:28:50 | 000,110,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2017/11/27 20:28:50 | 000,099,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2017/11/27 20:28:50 | 000,090,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devenum.dll
[2017/11/27 20:28:50 | 000,090,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfvdsp.dll
[2017/11/27 20:28:50 | 000,081,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\devenum.dll
[2017/11/27 20:28:50 | 000,076,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfvdsp.dll
[2017/11/27 20:28:01 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoMetadataHandler.dll
[2017/11/27 20:28:01 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
[2017/11/27 20:27:45 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2017/11/27 20:27:00 | 001,090,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2017/11/27 20:27:00 | 000,791,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2017/11/27 20:26:41 | 000,672,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2017/11/27 20:26:41 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017/11/27 20:26:41 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsDatabase.dll
[2017/11/27 20:26:02 | 000,564,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2017/11/27 20:24:30 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2017/11/27 20:24:30 | 001,018,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2017/11/27 20:23:38 | 000,898,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2017/11/27 20:23:38 | 000,702,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2017/11/27 20:23:38 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDec.dll
[2017/11/27 20:23:38 | 000,443,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EncDec.dll
[2017/11/27 20:23:38 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cfgbkend.dll
[2017/11/27 20:23:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cfgbkend.dll
[2017/11/27 20:23:09 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2017/11/27 20:22:23 | 000,363,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ws2_32.dll
[2017/11/27 20:22:07 | 000,534,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017/11/27 20:22:07 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017/11/27 20:21:51 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2017/11/27 20:21:35 | 000,971,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2017/11/27 20:21:35 | 000,811,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2017/11/27 20:21:35 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2017/11/27 20:21:35 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2017/11/27 20:20:50 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2017/11/27 20:20:36 | 000,046,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentServer.exe
[2017/11/27 20:20:22 | 000,669,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hhctrl.ocx
[2017/11/27 20:20:22 | 000,536,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hhctrl.ocx
[2017/11/27 20:20:07 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappcfg.dll
[2017/11/27 20:20:07 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapphost.dll
[2017/11/27 20:20:07 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapp3hst.dll
[2017/11/27 20:20:07 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappcfg.dll
[2017/11/27 20:20:07 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapphost.dll
[2017/11/27 20:20:07 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapp3hst.dll
[2017/11/27 20:20:07 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappgnui.dll
[2017/11/27 20:20:07 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappgnui.dll
[2017/11/27 20:19:37 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsparse.dll
[2017/11/27 20:19:37 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsparse.dll
[2017/11/27 20:16:45 | 002,513,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2017/11/27 20:16:45 | 001,628,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017/11/27 20:16:45 | 001,495,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2017/11/27 20:16:45 | 000,995,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2017/11/27 20:16:45 | 000,922,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2017/11/27 20:16:45 | 000,756,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2017/11/27 20:16:45 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2017/11/27 20:16:45 | 000,066,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2017/11/27 20:16:45 | 000,063,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2017/11/27 20:16:45 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msobjs.dll
[2017/11/27 20:16:45 | 000,022,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2017/11/27 20:16:45 | 000,022,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cmimcext.sys
[2017/11/27 20:16:45 | 000,020,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2017/11/27 20:16:45 | 000,019,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/11/27 20:16:45 | 000,019,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,016,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2017/11/27 20:16:45 | 000,016,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2017/11/27 20:16:45 | 000,015,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2017/11/27 20:16:45 | 000,015,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2017/11/27 20:16:45 | 000,014,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2017/11/27 20:16:45 | 000,014,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2017/11/27 20:16:45 | 000,013,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/11/27 20:16:45 | 000,013,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2017/11/27 20:16:45 | 000,012,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2017/11/27 20:16:44 | 002,881,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2017/11/27 20:16:44 | 000,685,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2017/11/27 20:16:44 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntprint.dll
[2017/11/27 20:16:44 | 000,274,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2017/11/27 20:16:44 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2017/11/27 20:16:44 | 000,117,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2017/11/27 20:16:44 | 000,069,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apisetschema.dll
[2017/11/27 20:16:44 | 000,046,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2017/11/27 20:16:44 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsdchngr.dll
[2017/11/27 20:16:44 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2017/11/27 20:16:44 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2017/11/27 20:16:43 | 003,631,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017/11/27 20:16:43 | 002,749,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017/11/27 20:16:43 | 002,551,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2017/11/27 20:16:43 | 001,920,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2017/11/27 20:16:43 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2017/11/27 20:16:43 | 000,699,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2017/11/27 20:16:43 | 000,468,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2017/11/27 20:16:43 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2017/11/27 20:16:43 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2017/11/27 20:16:43 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2017/11/27 20:16:42 | 015,431,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017/11/27 20:16:42 | 013,317,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017/11/27 20:16:42 | 009,323,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmploc.DLL
[2017/11/27 20:16:42 | 009,323,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmploc.DLL
[2017/11/27 20:16:42 | 003,547,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2017/11/27 20:16:42 | 001,317,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2017/11/27 20:16:42 | 001,102,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2017/11/27 20:16:42 | 000,955,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2017/11/27 20:16:42 | 000,787,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2017/11/27 20:16:42 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2017/11/27 20:16:42 | 000,497,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2017/11/27 20:16:42 | 000,399,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2017/11/27 20:16:42 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2017/11/27 20:16:42 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2017/11/27 20:16:42 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2017/11/27 20:16:42 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2017/11/27 20:16:42 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2017/11/27 20:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2017/11/27 20:16:42 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2017/11/27 20:16:41 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017/11/27 20:16:41 | 000,807,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017/11/27 20:16:41 | 000,662,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017/11/27 20:16:41 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2017/11/27 20:16:41 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017/11/27 20:16:41 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017/11/27 20:16:41 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017/11/27 20:16:41 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017/11/27 20:16:41 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017/11/27 20:16:41 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017/11/27 20:16:41 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017/11/27 20:16:40 | 005,979,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017/11/27 20:16:40 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2017/11/27 20:16:40 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017/11/27 20:16:40 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2017/11/27 20:16:40 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2017/11/27 20:16:40 | 000,016,303 | ---- | M] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2017/11/27 20:16:40 | 000,016,303 | ---- | M] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2017/11/27 20:16:39 | 002,134,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017/11/27 20:16:39 | 002,058,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017/11/27 20:16:39 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2017/11/27 20:16:39 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2017/11/27 20:16:39 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2017/11/27 20:16:39 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2017/11/27 20:16:39 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2017/11/27 20:16:32 | 012,879,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017/11/27 20:16:32 | 005,274,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2017/11/27 20:16:32 | 005,270,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017/11/27 20:16:32 | 002,712,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017/11/27 20:16:32 | 001,566,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017/11/27 20:16:32 | 000,954,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2017/11/27 20:16:32 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2017/11/27 20:16:32 | 000,548,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2017/11/27 20:16:32 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2017/11/27 20:16:32 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2017/11/27 20:16:32 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2017/11/27 20:16:32 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2017/11/27 20:16:32 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2017/11/27 20:16:32 | 000,091,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2017/11/27 20:16:32 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sscore.dll
[2017/11/27 20:16:31 | 002,537,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2017/11/27 20:16:31 | 002,464,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2017/11/27 20:16:31 | 001,323,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wdc.dll
[2017/11/27 20:16:31 | 001,108,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2017/11/27 20:16:31 | 001,060,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2017/11/27 20:16:31 | 000,868,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2017/11/27 20:16:31 | 000,837,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2017/11/27 20:16:31 | 000,721,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2017/11/27 20:16:31 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2017/11/27 20:16:31 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2017/11/27 20:16:31 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2017/11/27 20:16:31 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wvc.dll
[2017/11/27 20:16:31 | 000,416,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sysmon.ocx
[2017/11/27 20:16:31 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlansec.dll
[2017/11/27 20:16:31 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2017/11/27 20:16:31 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPTpm12.dll
[2017/11/27 20:16:31 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprapi.dll
[2017/11/27 20:16:31 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msinfo32.exe
[2017/11/27 20:16:31 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2017/11/27 20:16:31 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2017/11/27 20:16:31 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2017/11/27 20:16:31 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2017/11/27 20:16:31 | 000,252,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scksp.dll
[2017/11/27 20:16:31 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2017/11/27 20:16:31 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastapi.dll
[2017/11/27 20:16:31 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GlobCollationHost.dll
[2017/11/27 20:16:31 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutil.dll
[2017/11/27 20:16:31 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasppp.dll
[2017/11/27 20:16:31 | 000,174,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll
[2017/11/27 20:16:31 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ulib.dll
[2017/11/27 20:16:31 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uudf.dll
[2017/11/27 20:16:31 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ufat.dll
[2017/11/27 20:16:31 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2017/11/27 20:16:31 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adsmsext.dll
[2017/11/27 20:16:31 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uexfat.dll
[2017/11/27 20:16:31 | 000,066,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appidapi.dll
[2017/11/27 20:16:31 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2017/11/27 20:16:31 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2017/11/27 20:16:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certenc.dll
[2017/11/27 20:16:31 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cnvfat.dll
[2017/11/27 20:16:31 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll
[2017/11/27 20:16:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mgmtapi.dll
[2017/11/27 20:16:30 | 000,308,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtapi.dll
[2017/11/27 20:16:30 | 000,236,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2017/11/27 20:16:30 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmitomi.dll
[2017/11/27 20:16:30 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2017/11/27 20:16:30 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2017/11/27 20:16:29 | 004,298,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017/11/27 20:16:29 | 003,084,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2017/11/27 20:16:29 | 001,753,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2017/11/27 20:16:29 | 001,541,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017/11/27 20:16:29 | 001,384,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017/11/27 20:16:29 | 001,364,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2017/11/27 20:16:29 | 000,537,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017/11/27 20:16:29 | 000,388,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017/11/27 20:16:29 | 000,373,080 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017/11/27 20:16:29 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAnimation.dll
[2017/11/27 20:16:29 | 000,263,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2017/11/27 20:16:29 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2017/11/27 20:16:29 | 000,140,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2017/11/27 20:16:29 | 000,044,032 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2017/11/27 20:16:29 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2017/11/27 20:16:28 | 014,466,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017/11/27 20:16:28 | 007,797,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017/11/27 20:16:28 | 007,078,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2017/11/27 20:16:28 | 003,120,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017/11/27 20:16:28 | 002,779,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2017/11/27 20:16:28 | 002,315,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2017/11/27 20:16:28 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2017/11/27 20:16:28 | 001,763,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017/11/27 20:16:28 | 001,220,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2017/11/27 20:16:28 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2017/11/27 20:16:28 | 000,738,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2017/11/27 20:16:28 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscms.dll
[2017/11/27 20:16:28 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icm32.dll
[2017/11/27 20:16:28 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2017/11/27 20:16:28 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2017/11/27 20:16:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdsdwmdr.dll
[2017/11/27 20:16:27 | 001,095,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2017/11/27 20:16:27 | 000,865,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2017/11/27 20:16:27 | 000,512,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017/11/27 20:16:27 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2017/11/27 20:16:27 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntprint.dll
[2017/11/27 20:16:27 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2017/11/27 20:16:27 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2017/11/27 20:16:27 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsdchngr.dll
[2017/11/27 20:16:23 | 002,240,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2017/11/27 20:16:23 | 001,674,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2017/11/27 20:16:23 | 001,534,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2017/11/27 20:16:23 | 001,499,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2017/11/27 20:16:23 | 001,370,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2017/11/27 20:16:23 | 001,001,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2017/11/27 20:16:23 | 000,922,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2017/11/27 20:16:23 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2017/11/27 20:16:23 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2017/11/27 20:16:23 | 000,607,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2017/11/27 20:16:23 | 000,576,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017/11/27 20:16:23 | 000,448,629 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2017/11/27 20:16:23 | 000,445,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2017/11/27 20:16:23 | 000,429,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2017/11/27 20:16:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprapi.dll
[2017/11/27 20:16:23 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2017/11/27 20:16:23 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2017/11/27 20:16:23 | 000,374,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2017/11/27 20:16:23 | 000,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2017/11/27 20:16:23 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2017/11/27 20:16:23 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2017/11/27 20:16:23 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasppp.dll
[2017/11/27 20:16:23 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2017/11/27 20:16:23 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastapi.dll
[2017/11/27 20:16:23 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2017/11/27 20:16:23 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2017/11/27 20:16:23 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasman.dll
[2017/11/27 20:16:23 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2017/11/27 20:16:23 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2017/11/27 20:16:23 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2017/11/27 20:16:23 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2017/11/27 20:16:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mgmtapi.dll
[2017/11/27 20:16:22 | 003,320,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2017/11/27 20:16:22 | 002,896,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2017/11/27 20:16:22 | 001,697,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017/11/27 20:16:22 | 001,662,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017/11/27 20:16:22 | 001,501,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017/11/27 20:16:22 | 001,436,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wdc.dll
[2017/11/27 20:16:22 | 001,388,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2017/11/27 20:16:22 | 001,292,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2017/11/27 20:16:22 | 001,200,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2017/11/27 20:16:22 | 000,925,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2017/11/27 20:16:22 | 000,897,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017/11/27 20:16:22 | 000,871,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2017/11/27 20:16:22 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wvc.dll
[2017/11/27 20:16:22 | 000,557,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2017/11/27 20:16:22 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2017/11/27 20:16:22 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tpmvsc.dll
[2017/11/27 20:16:22 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPTpm12.dll
[2017/11/27 20:16:22 | 000,380,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017/11/27 20:16:22 | 000,371,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msinfo32.exe
[2017/11/27 20:16:22 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2017/11/27 20:16:22 | 000,324,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2017/11/27 20:16:22 | 000,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GlobCollationHost.dll
[2017/11/27 20:16:22 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2017/11/27 20:16:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2017/11/27 20:16:22 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wisp.dll
[2017/11/27 20:16:22 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2017/11/27 20:16:22 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scksp.dll
[2017/11/27 20:16:22 | 000,242,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2017/11/27 20:16:22 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionQueue.dll
[2017/11/27 20:16:22 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2017/11/27 20:16:22 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smbwmiv2.dll
[2017/11/27 20:16:22 | 000,202,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll
[2017/11/27 20:16:22 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidpolicyconverter.exe
[2017/11/27 20:16:22 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2017/11/27 20:16:22 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ulib.dll
[2017/11/27 20:16:22 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2017/11/27 20:16:22 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uudf.dll
[2017/11/27 20:16:22 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2017/11/27 20:16:22 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ufat.dll
[2017/11/27 20:16:22 | 000,118,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2017/11/27 20:16:22 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adsmsext.dll
[2017/11/27 20:16:22 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2017/11/27 20:16:22 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uexfat.dll
[2017/11/27 20:16:22 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsiwmi.dll
[2017/11/27 20:16:22 | 000,075,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidapi.dll
[2017/11/27 20:16:22 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsidsc.dll
[2017/11/27 20:16:22 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017/11/27 20:16:22 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xolehlp.dll
[2017/11/27 20:16:22 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2017/11/27 20:16:22 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certenc.dll
[2017/11/27 20:16:22 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2017/11/27 20:16:22 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cnvfat.dll
[2017/11/27 20:16:22 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsium.dll
[2017/11/27 20:16:22 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convert.exe
[2017/11/27 20:16:22 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidcertstorecheck.exe
[2017/11/27 20:16:17 | 002,471,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2017/11/27 20:16:17 | 000,420,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtapi.dll
[2017/11/27 20:16:17 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2017/11/27 20:16:17 | 000,376,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2017/11/27 20:16:17 | 000,315,224 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017/11/27 20:16:17 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2017/11/27 20:16:17 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2017/11/27 20:16:17 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmitomi.dll
[2017/11/27 20:16:17 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2017/11/27 20:16:17 | 000,121,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys
[2017/11/27 20:16:17 | 000,035,840 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2017/11/27 20:16:17 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2017/11/27 20:16:16 | 007,439,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017/11/27 20:16:16 | 003,551,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017/11/27 20:16:16 | 002,176,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017/11/27 20:16:16 | 001,968,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017/11/27 20:16:16 | 001,946,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2017/11/27 20:16:16 | 001,737,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2017/11/27 20:16:16 | 001,491,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2017/11/27 20:16:16 | 001,311,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll
[2017/11/27 20:16:16 | 001,135,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017/11/27 20:16:16 | 001,063,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2017/11/27 20:16:16 | 000,866,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswdat10.dll
[2017/11/27 20:16:16 | 000,842,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2017/11/27 20:16:16 | 000,840,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2017/11/27 20:16:16 | 000,803,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017/11/27 20:16:16 | 000,756,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2017/11/27 20:16:16 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017/11/27 20:16:16 | 000,656,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017/11/27 20:16:16 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswstr10.dll
[2017/11/27 20:16:16 | 000,616,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrepl40.dll
[2017/11/27 20:16:16 | 000,518,144 | ---- | M] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017/11/27 20:16:16 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxbde40.dll
[2017/11/27 20:16:16 | 000,470,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2017/11/27 20:16:16 | 000,450,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017/11/27 20:16:16 | 000,443,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2017/11/27 20:16:16 | 000,428,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2017/11/27 20:16:16 | 000,422,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2017/11/27 20:16:16 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspbde40.dll
[2017/11/27 20:16:16 | 000,358,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2017/11/27 20:16:16 | 000,343,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll
[2017/11/27 20:16:16 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2017/11/27 20:16:16 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd2x40.dll
[2017/11/27 20:16:16 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjtes40.dll
[2017/11/27 20:16:16 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2017/11/27 20:16:16 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstext40.dll
[2017/11/27 20:16:16 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAnimation.dll
[2017/11/27 20:16:16 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msltus40.dll
[2017/11/27 20:16:16 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wisp.dll
[2017/11/27 20:16:16 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2017/11/27 20:16:16 | 000,160,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2017/11/27 20:16:16 | 000,152,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2017/11/27 20:16:16 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2017/11/27 20:16:16 | 000,137,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncrypt.dll
[2017/11/27 20:16:16 | 000,136,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2017/11/27 20:16:16 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2017/11/27 20:16:16 | 000,113,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2017/11/27 20:16:16 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2017/11/27 20:16:16 | 000,107,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2017/11/27 20:16:16 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fr-FR\tcpip.sys.mui
[2017/11/27 20:16:16 | 000,086,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2017/11/27 20:16:16 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjter40.dll
[2017/11/27 20:16:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2017/11/27 20:16:16 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fr-FR\srv2.sys.mui
[2017/11/27 20:16:16 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsiwmi.dll
[2017/11/27 20:16:16 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msobjs.dll
[2017/11/27 20:16:16 | 000,057,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2017/11/27 20:16:16 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsidsc.dll
[2017/11/27 20:16:16 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscore.dll
[2017/11/27 20:16:16 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2017/11/27 20:16:16 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2017/11/27 20:16:16 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2017/11/27 20:16:16 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsium.dll
[2017/11/27 20:16:16 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjint40.dll
[2017/11/27 20:07:02 | 000,951,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2017/11/27 20:07:02 | 000,749,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2017/11/27 20:07:02 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UtcResources.dll
[2017/11/27 20:06:07 | 000,653,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2017/11/27 20:05:57 | 000,402,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2017/11/27 20:05:57 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2017/11/27 20:05:40 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2017/11/27 20:05:40 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2017/11/27 20:05:31 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2017/11/27 20:05:23 | 000,578,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSync.dll
[2017/11/27 20:05:22 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSync.dll
[2017/11/27 20:05:14 | 000,239,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2017/11/27 20:05:14 | 000,154,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2017/11/27 20:05:00 | 000,397,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017/11/27 20:05:00 | 000,340,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017/11/27 20:05:00 | 000,179,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2017/11/27 20:04:43 | 000,779,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeui.exe
[2017/11/27 20:04:35 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2017/11/27 20:04:27 | 000,570,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017/11/27 20:03:46 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWbPrxy.exe
[2017/11/27 20:03:30 | 000,218,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2017/11/27 20:01:27 | 002,067,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2017/11/27 20:01:19 | 001,488,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42u.dll
[2017/11/27 20:01:19 | 001,464,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42.dll
[2017/11/27 20:01:19 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42u.dll
[2017/11/27 20:01:19 | 001,204,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42.dll
[2017/11/27 20:01:01 | 000,670,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2017/11/27 20:01:01 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2017/11/27 20:00:41 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2017/11/27 20:00:24 | 000,155,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2017/11/27 20:00:17 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcdAutoSetup.dll
[2017/11/27 20:00:10 | 000,203,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017/11/27 19:59:41 | 002,819,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2017/11/27 19:59:41 | 002,592,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2017/11/27 19:59:41 | 002,551,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2017/11/27 19:59:41 | 002,171,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2017/11/27 19:59:41 | 001,348,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017/11/27 19:59:41 | 001,278,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2017/11/27 19:59:41 | 001,197,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2017/11/27 19:59:41 | 000,955,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2017/11/27 19:59:41 | 000,841,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017/11/27 19:59:41 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017/11/27 19:59:41 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2017/11/27 19:59:41 | 000,653,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017/11/27 19:59:41 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hgcpl.dll
[2017/11/27 19:59:41 | 000,539,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hgcpl.dll
[2017/11/27 19:59:41 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017/11/27 19:59:41 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2017/11/27 19:59:41 | 000,336,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2017/11/27 19:59:41 | 000,273,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2017/11/27 19:59:41 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2017/11/27 19:59:41 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2017/11/27 19:59:41 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2017/11/27 19:59:41 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2017/11/27 19:58:49 | 000,748,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2017/11/27 19:58:36 | 000,780,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2017/11/27 19:58:27 | 000,325,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2017/11/27 19:58:07 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rgb9rast.dll
[2017/11/27 19:58:01 | 001,673,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2017/11/27 19:58:01 | 000,787,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2017/11/27 19:57:43 | 000,292,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMASF.DLL
[2017/11/27 19:57:05 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageContextHandler.dll
[2017/11/27 19:57:05 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorageContextHandler.dll
[2017/11/27 19:56:31 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\polstore.dll
[2017/11/27 19:56:31 | 000,291,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\polstore.dll
[2017/11/27 19:56:31 | 000,135,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2017/11/27 19:56:31 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FwRemoteSvr.dll
[2017/11/27 19:56:31 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FwRemoteSvr.dll
[2017/11/27 19:56:21 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupStatusProvider.dll
[2017/11/27 19:56:21 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceSetupStatusProvider.dll
[2017/11/27 19:56:12 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2017/11/27 19:56:12 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2017/11/27 19:56:12 | 000,136,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2017/11/27 19:56:03 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\csrsrv.dll
[2017/11/27 19:55:45 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compstui.dll
[2017/11/27 19:55:36 | 001,307,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2017/11/27 19:55:27 | 000,468,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2017/11/27 19:55:27 | 000,027,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2017/11/27 19:55:14 | 001,707,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017/11/27 19:55:14 | 001,344,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2017/11/27 19:55:14 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvut.dll
[2017/11/27 19:55:14 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvut.dll
[2017/11/27 19:55:02 | 000,410,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2017/11/27 19:54:57 | 001,156,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2017/11/27 19:54:57 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2017/11/27 19:54:57 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2017/11/27 19:54:50 | 000,487,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2017/11/27 19:54:50 | 000,393,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2017/11/27 19:54:43 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shacct.dll
[2017/11/27 19:54:43 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shacct.dll
[2017/11/27 19:54:37 | 002,162,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2017/11/27 19:54:37 | 001,812,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2017/11/27 19:54:23 | 000,468,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2017/11/27 19:54:23 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\schtasks.exe
[2017/11/27 19:54:23 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\schtasks.exe
[2017/11/27 19:54:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2017/11/27 19:54:16 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2017/11/27 19:54:10 | 000,933,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\calc.exe
[2017/11/27 19:54:10 | 000,816,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\calc.exe
[2017/11/27 19:54:04 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2017/11/27 19:53:55 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2017/11/27 19:53:55 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2017/11/27 19:53:55 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2017/11/27 19:53:30 | 000,072,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys
[2017/11/27 19:53:25 | 000,183,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2017/11/27 19:52:59 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fr-FR\mountmgr.sys.mui
[2017/11/27 19:52:47 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InkEd.dll
[2017/11/27 19:52:47 | 000,230,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InkEd.dll
[2017/11/27 19:52:25 | 000,723,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2017/11/27 19:52:25 | 000,560,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2017/11/27 19:51:53 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys
[2017/11/27 19:51:44 | 002,256,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017/11/27 19:51:44 | 001,943,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017/11/27 19:51:38 | 000,538,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scesrv.dll
[2017/11/27 19:51:38 | 000,393,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scesrv.dll
[2017/11/27 19:51:34 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\atlthunk.dll
[2017/11/27 19:51:14 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxoci.dll
[2017/11/27 19:51:14 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msorcl32.dll
[2017/11/27 19:51:14 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2017/11/27 19:51:14 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2017/11/27 19:51:14 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntvdm64.dll
[2017/11/27 19:51:14 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntvdm64.dll
[2017/11/27 19:51:14 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2017/11/27 19:51:14 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\instnm.exe
[2017/11/27 19:51:14 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wow32.dll
[2017/11/27 19:51:14 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2017/11/27 19:50:53 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2017/11/27 19:50:53 | 000,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2017/11/27 19:50:04 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fr-FR\spaceport.sys.mui
[2017/11/27 19:49:35 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll
[2017/11/27 19:49:35 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GeofenceMonitorService.dll
[2017/11/27 19:49:25 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017/11/27 19:49:25 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017/11/27 19:48:52 | 001,728,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2017/11/27 19:48:52 | 001,546,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2017/11/27 19:48:43 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\photowiz.dll
[2017/11/27 19:48:43 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\photowiz.dll
[2017/11/27 19:48:33 | 000,531,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017/11/27 19:48:33 | 000,413,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2017/11/27 19:48:33 | 000,372,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2017/11/27 19:48:33 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017/11/27 19:48:33 | 000,108,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2017/11/27 19:48:33 | 000,038,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2017/11/27 19:48:33 | 000,033,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2017/11/27 19:44:44 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2017/11/27 19:44:44 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2017/11/26 20:39:56 | 127,017,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2017/11/26 16:19:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2017/11/25 02:27:17 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2017/11/25 00:59:06 | 000,001,456 | ---- | M] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2017/11/25 00:59:06 | 000,000,223 | -HS- | M] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2017/11/25 00:50:13 | 000,002,609 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2017/11/11 04:38:36 | 000,000,196 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\isolate.ini
[2017/11/11 00:31:25 | 000,566,936 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symnets.sys
[2017/11/11 00:31:25 | 000,468,616 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symtdiv.sys
[2017/11/11 00:31:23 | 000,008,439 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symnet64.cat
[2017/11/11 00:31:23 | 000,000,869 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symnet64.inf
[2017/11/11 00:31:06 | 001,938,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symefasi64.sys
[2017/11/11 00:31:06 | 000,839,789 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symvtcer.dat
[2017/11/11 00:31:06 | 000,024,608 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symelam.sys
[2017/11/11 00:31:06 | 000,010,226 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symelam64.cat
[2017/11/11 00:31:06 | 000,008,455 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symefasi64.cat
[2017/11/11 00:31:06 | 000,003,535 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symefasi.inf
[2017/11/11 00:31:06 | 000,001,155 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\symelam.inf
[2017/11/11 00:29:34 | 000,309,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\ironx64.sys
[2017/11/11 00:29:34 | 000,008,433 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\iron.cat
[2017/11/11 00:29:34 | 000,000,768 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\iron.inf
[2017/11/11 00:28:36 | 000,187,544 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\ccsetx64.sys
[2017/11/11 00:28:36 | 000,008,445 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\ccsetx64.cat
[2017/11/11 00:28:36 | 000,000,852 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\ccsetx64.inf
[2017/11/11 00:28:12 | 000,812,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\srtsp64.sys
[2017/11/11 00:28:12 | 000,049,304 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\srtspx64.sys
[2017/11/11 00:28:12 | 000,008,395 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\srtspx64.cat
[2017/11/11 00:28:12 | 000,008,391 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\srtsp64.cat
[2017/11/11 00:28:12 | 000,001,465 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\srtsp64.inf
[2017/11/11 00:28:12 | 000,001,446 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\160B020.007\srtspx64.inf
[2017/11/08 16:55:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017/11/04 01:41:39 | 000,835,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017/11/04 01:41:39 | 000,177,648 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/11/30 23:07:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2017/11/30 22:37:55 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2017/11/30 19:25:55 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2017/11/27 22:16:02 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2017/11/27 22:16:02 | 000,001,822 | ---- | C] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2017/11/27 22:16:02 | 000,001,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[2017/11/27 21:17:06 | 000,001,474 | ---- | C] () -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2017/11/27 21:08:59 | 000,023,108 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017/11/27 20:57:59 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2017/11/27 20:52:26 | 000,000,369 | ---- | C] () -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2017/11/27 20:52:26 | 000,000,369 | ---- | C] () -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2017/11/27 20:52:26 | 000,000,352 | ---- | C] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2017/11/27 20:52:26 | 000,000,334 | ---- | C] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2017/11/27 20:52:09 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2017/11/27 20:52:09 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2017/11/27 20:41:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2017/11/27 20:41:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2017/11/27 20:16:40 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2017/11/27 20:16:40 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2017/11/27 20:16:23 | 000,448,629 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2017/11/27 20:16:16 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017/11/26 16:42:52 | 000,011,105 | ---- | C] () -- C:\WINDOWS\SysNative\AutoconfigV2.cab
[2017/11/26 16:19:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2017/11/25 02:27:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2017/11/25 02:27:16 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2017/11/25 00:59:06 | 000,001,456 | ---- | C] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2017/11/25 00:50:17 | 000,000,000 | ---- | C] () -- C:\Users\fauquant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2017/11/25 00:50:13 | 000,002,609 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2017/11/25 00:46:23 | 000,000,223 | -HS- | C] () -- C:\Users\fauquant\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2017/11/25 00:43:35 | 2950,692,864 | -HS- | C] () -- C:\hiberfil.sys
[2017/11/25 00:43:35 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2017/11/27 20:16:28 | 022,361,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2017/11/27 20:16:31 | 019,790,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/11/21 00:18:18 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/11/21 00:19:18 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/11/21 00:18:18 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2017/11/28 23:28:39 | 000,000,000 | ---D | M] -- C:\Users\fauquant\AppData\Roaming\Azureus
[2017/11/30 20:40:40 | 000,000,000 | ---D | M] -- C:\Users\fauquant\AppData\Roaming\SpeedBit

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2013/06/18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2017/11/30 22:46:06 | 2950,692,864 | -HS- | M] () -- C:\hiberfil.sys
[2017/11/30 22:46:09 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys
[2017/11/30 23:07:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/11/25 09:43:13 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
[2017/11/30 22:46:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2013/08/22 16:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2017/11/25 02:26:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2014/02/21 11:35:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD APP
[2014/02/21 11:34:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD AVT
[2017/11/27 20:43:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2017/11/27 20:55:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2014/02/21 11:57:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2014/02/21 11:56:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2017/11/27 20:18:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2014/02/21 11:53:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2017/11/29 21:10:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2017/11/27 19:46:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2013/05/08 14:03:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2017/11/27 21:05:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton Internet Security
[2014/02/21 11:55:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton Online Backup ARA
[2017/11/27 06:45:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NortonInstaller
[2017/11/25 00:50:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OEM
[2014/02/21 11:58:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Packard Bell
[2014/02/21 11:37:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2017/11/27 19:46:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2017/11/26 23:25:27 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2014/02/21 11:41:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spotify
[2014/02/21 11:56:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec
[2013/05/08 14:05:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SymSilent
[2014/02/21 11:36:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2013/05/08 14:01:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildGames
[2013/05/08 14:01:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent Games
[2017/11/27 20:18:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2014/11/21 06:55:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2017/11/27 20:55:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2014/11/21 06:55:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2014/11/21 06:55:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2014/11/21 06:55:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2017/11/27 20:55:45 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WindowsPowerShell

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys

[color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color]
[2013/08/22 15:55:04 | 000,086,064 | ---- | M] () MD5=1336BE8A8B1E8B8744D5217AE5FDD303 -- C:\Windows\WinSxS\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.3.9600.16384_none_728d486f3000a7ad\appmgmts.dll
[2014/11/21 07:31:19 | 000,087,855 | ---- | M] () MD5=5B2A9B5E87542C65457B527CC512AF25 -- C:\Windows\WinSxS\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.3.9600.17415_none_72d9e34b2fc71435\appmgmts.dll
[2013/08/22 16:00:05 | 000,071,466 | ---- | M] () MD5=9424C4C8AE9114A121553818824D33A3 -- C:\Windows\WinSxS\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.3.9600.16384_none_7ce1f2c1646169a8\appmgmts.dll
[2014/11/21 07:32:39 | 000,072,712 | ---- | M] () MD5=C73D54BF555388E7DF11A9C0AFC1F139 -- C:\Windows\WinSxS\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.3.9600.17415_none_7d2e8d9d6427d630\appmgmts.dll

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2014/11/20 23:55:24 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/11/20 23:55:24 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/11/20 23:55:04 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/11/20 23:55:04 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2013/08/22 12:40:24 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=EC19013E4CF87609534165DF897274D6 -- C:\WINDOWS\SysNative\drivers\beep.sys
[2013/08/22 12:40:24 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=EC19013E4CF87609534165DF897274D6 -- C:\Windows\WinSxS\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.3.9600.16384_none_b4df015ddb944ecf\beep.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2016/08/27 19:26:03 | 002,411,048 | ---- | M] (Microsoft Corporation) MD5=042216FBB8B0CCC7402C3C77E58E1BC9 -- C:\Windows\SysWOW64\explorer.exe
[2016/08/27 19:26:03 | 002,411,048 | ---- | M] (Microsoft Corporation) MD5=042216FBB8B0CCC7402C3C77E58E1BC9 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.18460_none_4cd924758207ca59\explorer.exe
[2014/11/21 00:19:40 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=4B37A33F4F5237BF02E537F8D12D1129 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/11/21 00:19:08 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=85D47EB257B06094F052E0C8AEFA3BEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2017/11/27 19:59:41 | 002,412,576 | ---- | M] (Microsoft Corporation) MD5=97A7A0521E059D242907EFB73A844F29 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.18231_none_4cfa90b781ee958f\explorer.exe
[2017/11/27 19:59:41 | 002,757,616 | ---- | M] (Microsoft Corporation) MD5=B3541A5A20C6264781909B1B7FE54836 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.18231_none_42a5e6654d8dd394\explorer.exe
[2016/08/27 20:44:40 | 002,755,504 | ---- | M] (Microsoft Corporation) MD5=ED6B4C95E2A6D67480B9DBB8A8E7D9B4 -- C:\Windows\explorer.exe
[2016/08/27 20:44:40 | 002,755,504 | ---- | M] (Microsoft Corporation) MD5=ED6B4C95E2A6D67480B9DBB8A8E7D9B4 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.18460_none_42847a234da7085e\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2014/11/21 00:18:02 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=AE71B1BC1A17000F7B8F9AB79D4668D4 -- C:\Windows\SysWOW64\hidserv.dll
[2014/11/21 00:18:02 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=AE71B1BC1A17000F7B8F9AB79D4668D4 -- C:\Windows\WinSxS\wow64_microsoft-windows-hid-user_31bf3856ad364e35_6.3.9600.17415_none_d20beda68f8cdd2e\hidserv.dll
[2014/11/21 00:18:36 | 000,033,792 | ---- | M] (Microsoft Corporation) MD5=EA85B5093DF7B5C3E80362B053740AE2 -- C:\WINDOWS\SysNative\hidserv.dll
[2014/11/21 00:18:36 | 000,033,792 | ---- | M] (Microsoft Corporation) MD5=EA85B5093DF7B5C3E80362B053740AE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hid-user_31bf3856ad364e35_6.3.9600.17415_none_c7b743545b2c1b33\hidserv.dll

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2014/11/21 00:18:16 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=59452E147C6A5D055E5EBCB6B8E99CB7 -- C:\Windows\SysWOW64\imm32.dll
[2014/11/21 00:18:16 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=59452E147C6A5D055E5EBCB6B8E99CB7 -- C:\Windows\WinSxS\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.3.9600.17415_none_57b5c34f828931f9\imm32.dll
[2014/11/21 00:19:14 | 000,210,744 | ---- | M] (Microsoft Corporation) MD5=DEB33D08FBF708CAAC08080054D4C7CC -- C:\WINDOWS\SysNative\imm32.dll
[2014/11/21 00:19:14 | 000,210,744 | ---- | M] (Microsoft Corporation) MD5=DEB33D08FBF708CAAC08080054D4C7CC -- C:\Windows\WinSxS\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.3.9600.17415_none_4d6118fd4e286ffe\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2014/11/21 00:19:24 | 001,040,384 | ---- | M] (Microsoft Corporation) MD5=00DC86D9068D7E780407A8B66E2AFD9D -- C:\Windows\SysWOW64\kernel32.dll
[2014/11/21 00:19:24 | 001,040,384 | ---- | M] (Microsoft Corporation) MD5=00DC86D9068D7E780407A8B66E2AFD9D -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.3.9600.17415_none_8f1d8a7a5e69bda5\kernel32.dll
[2014/11/21 00:18:31 | 001,309,744 | ---- | M] (Microsoft Corporation) MD5=4F455778B6CDA2FD61D4F8B0A3E0543C -- C:\WINDOWS\SysNative\kernel32.dll
[2014/11/21 00:18:31 | 001,309,744 | ---- | M] (Microsoft Corporation) MD5=4F455778B6CDA2FD61D4F8B0A3E0543C -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.3.9600.17415_none_84c8e0282a08fbaa\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2017/11/27 20:22:24 | 000,286,208 | ---- | M] (Microsoft Corporation) MD5=5A540777BD31438E397ED863AED1A5B9 -- C:\Windows\SysWOW64\mswsock.dll
[2017/11/27 20:22:24 | 000,286,208 | ---- | M] (Microsoft Corporation) MD5=5A540777BD31438E397ED863AED1A5B9 -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.3.9600.18341_none_4d1b2ccf48c7cb45\mswsock.dll
[2014/11/21 00:19:41 | 000,286,208 | ---- | M] (Microsoft Corporation) MD5=98ECA44A09EFA23890205D2B5233FC96 -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.3.9600.17415_none_4d3fb66948abc054\mswsock.dll
[2014/11/21 00:18:01 | 000,339,456 | ---- | M] (Microsoft Corporation) MD5=B394EB3E443DCB195BC65B9A54CD8FE3 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.3.9600.17415_none_a95e51ed0109318a\mswsock.dll
[2017/11/27 20:22:24 | 000,339,456 | ---- | M] (Microsoft Corporation) MD5=D3901AE5309630F4981D093AE2EF8A83 -- C:\WINDOWS\SysNative\mswsock.dll
[2017/11/27 20:22:24 | 000,339,456 | ---- | M] (Microsoft Corporation) MD5=D3901AE5309630F4981D093AE2EF8A83 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.3.9600.18341_none_a939c85301253c7b\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2014/11/21 00:18:00 | 001,114,432 | ---- | M] (Microsoft Corporation) MD5=21FE65E2E67C4E31EE95CBD1F91C4B24 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys
[2017/11/27 19:54:50 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17933_none_4a48e22dfbdb75b0\ndis.sys
[2017/11/27 20:16:16 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=FFAA6C6E798FBA448FA7628A1B277F5C -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2017/11/27 20:16:16 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=FFAA6C6E798FBA448FA7628A1B277F5C -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.18578_none_4a22858ffbf7892c\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2014/11/21 00:18:01 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2017/11/27 20:16:32 | 000,696,832 | ---- | M] (Microsoft Corporation) MD5=05EF5C4411257B73881704B384ED3A5C -- C:\Windows\SysWOW64\netlogon.dll
[2017/11/27 20:16:32 | 000,696,832 | ---- | M] (Microsoft Corporation) MD5=05EF5C4411257B73881704B384ED3A5C -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.18573_none_f8d4677e404aa90e\netlogon.dll
[2017/11/27 20:16:16 | 000,840,192 | ---- | M] (Microsoft Corporation) MD5=0DC54F9D0907B9641DA1A3EE5F4FF6F7 -- C:\WINDOWS\SysNative\netlogon.dll
[2017/11/27 20:16:16 | 000,840,192 | ---- | M] (Microsoft Corporation) MD5=0DC54F9D0907B9641DA1A3EE5F4FF6F7 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.18573_none_ee7fbd2c0be9e713\netlogon.dll
[2016/04/01 17:41:19 | 000,696,832 | ---- | M] (Microsoft Corporation) MD5=3A1B7B111ECAF58414B82EAB67EDB060 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.18295_none_f8c0c28840591c29\netlogon.dll
[2016/04/01 18:00:38 | 000,840,704 | ---- | M] (Microsoft Corporation) MD5=41F69B45275F7CCF9B46623422AB140F -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.18295_none_ee6c18360bf85a2e\netlogon.dll
[2014/11/21 00:19:41 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2014/11/21 00:18:00 | 002,025,792 | ---- | M] (Microsoft Corporation) MD5=7F68063A5A0461E02BC860CE0E6BFDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.3.9600.17401_none_9782f367f0a48b42\ntfs.sys
[2017/11/27 20:16:16 | 002,013,016 | ---- | M] (Microsoft Corporation) MD5=9907FCC207E470F94B9DB6BD037E79C4 -- C:\WINDOWS\SysNative\drivers\ntfs.sys
[2017/11/27 20:16:16 | 002,013,016 | ---- | M] (Microsoft Corporation) MD5=9907FCC207E470F94B9DB6BD037E79C4 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.3.9600.18838_none_97697679f0b69eb3\ntfs.sys

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2014/11/21 00:18:41 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=864379396733031C99B64550358CAEBD -- C:\WINDOWS\SysNative\proquota.exe
[2014/11/21 00:18:41 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=864379396733031C99B64550358CAEBD -- C:\Windows\WinSxS\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.3.9600.17415_none_18d1f2be66229ae5\proquota.exe
[2014/11/21 00:19:29 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=DF801B9FC4247EBFBFE07E5EC417C5B0 -- C:\Windows\SysWOW64\proquota.exe
[2014/11/21 00:19:29 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=DF801B9FC4247EBFBFE07E5EC417C5B0 -- C:\Windows\WinSxS\x86_microsoft-windows-proquota_31bf3856ad364e35_6.3.9600.17415_none_bcb3573aadc529af\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2014/11/21 00:18:22 | 000,933,376 | ---- | M] (Microsoft Corporation) MD5=48554994279BFE17A3D2B00076D0CB1A -- C:\WINDOWS\SysNative\qmgr.dll
[2014/11/21 00:18:22 | 000,933,376 | ---- | M] (Microsoft Corporation) MD5=48554994279BFE17A3D2B00076D0CB1A -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.3.9600.17415_none_149bbfd3cd2f7e88\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2014/11/21 00:18:37 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\WINDOWS\SysNative\scecli.dll
[2014/11/21 00:18:37 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/11/21 00:19:29 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/11/21 00:19:29 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2017/11/27 20:32:26 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=2E3976C857D7230EC8D2B2276E688255 -- C:\WINDOWS\SysNative\spoolsv.exe
[2017/11/27 20:32:26 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=2E3976C857D7230EC8D2B2276E688255 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.3.9600.17480_none_c705ed2295837cf6\spoolsv.exe
[2014/11/21 00:19:00 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=FCB156A6745631A67DEA61827061D483 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.3.9600.17415_none_c7569e0895463812\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2014/11/21 00:19:41 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/11/21 00:19:41 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/11/21 00:18:00 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\WINDOWS\SysNative\svchost.exe
[2014/11/21 00:18:00 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2017/11/27 20:16:28 | 001,115,136 | ---- | M] (Microsoft Corporation) MD5=76938862B2674EFED79E814CD36E6A08 -- C:\WINDOWS\SysNative\termsrv.dll
[2017/11/27 20:16:28 | 001,115,136 | ---- | M] (Microsoft Corporation) MD5=76938862B2674EFED79E814CD36E6A08 -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.3.9600.18709_none_7fb8fcad27f5e4df\termsrv.dll
[2014/11/21 00:19:09 | 001,114,624 | ---- | M] (Microsoft Corporation) MD5=C50997E282576DA492EBA66B059D4196 -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.3.9600.17415_none_7faa3caf28018a5e\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2014/11/21 00:18:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\WINDOWS\SysNative\userinit.exe
[2014/11/21 00:18:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/11/21 00:19:41 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/11/21 00:19:41 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2017/11/27 19:50:19 | 000,316,760 | ---- | M] (Microsoft Corporation) MD5=17F7B0F2298D97F4B6C7A69511033D3D -- C:\WINDOWS\SysNative\drivers\volsnap.sys
[2017/11/27 19:50:19 | 000,316,760 | ---- | M] (Microsoft Corporation) MD5=17F7B0F2298D97F4B6C7A69511033D3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\volume.inf_amd64_57ecf9eef1118ef7\volsnap.sys
[2017/11/27 19:50:19 | 000,316,760 | ---- | M] (Microsoft Corporation) MD5=17F7B0F2298D97F4B6C7A69511033D3D -- C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.18266_none_068c8881cffa3228\volsnap.sys
[2014/11/21 00:17:55 | 000,310,080 | ---- | M] (Microsoft Corporation) MD5=64CA2B4A49A8EAF495E435623ECCE7DB -- C:\WINDOWS\SysNative\DriverStore\FileRepository\volume.inf_amd64_8687137d6e4faf5d\volsnap.sys
[2014/11/21 00:17:55 | 000,310,080 | ---- | M] (Microsoft Corporation) MD5=64CA2B4A49A8EAF495E435623ECCE7DB -- C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.17215_none_06c1ae9bcfd2737b\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2014/11/21 04:28:11 | 001,892,864 | ---- | M] (Microsoft Corporation) MD5=03D7DF4711B851EF286562F97429211D -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.17416_none_a97dbc6acc78cf96\wininet.dll
[2017/11/27 20:16:43 | 002,767,872 | ---- | M] (Microsoft Corporation) MD5=35A2EB134341DA91D80ED9D82B3AC460 -- C:\Windows\SysWOW64\wininet.dll
[2017/11/27 20:16:43 | 002,767,872 | ---- | M] (Microsoft Corporation) MD5=35A2EB134341DA91D80ED9D82B3AC460 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.18838_none_a95451a4cc97a271\wininet.dll
[2016/09/01 01:43:05 | 002,445,824 | ---- | M] (Microsoft Corporation) MD5=42B01C859A89EEA6237DBD9A290DF857 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.18450_none_a9824828cc749853\wininet.dll
[2014/11/21 04:28:09 | 002,365,440 | ---- | M] (Microsoft Corporation) MD5=BF1FC65A307B31939ADF7F976FDE033C -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.17416_none_059c57ee84d640cc\wininet.dll
[2017/11/27 20:16:23 | 003,241,472 | ---- | M] (Microsoft Corporation) MD5=D13A0397ED940C071FD5ABB76BC974CF -- C:\WINDOWS\SysNative\wininet.dll
[2017/11/27 20:16:23 | 003,241,472 | ---- | M] (Microsoft Corporation) MD5=D13A0397ED940C071FD5ABB76BC974CF -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.18838_none_0572ed2884f513a7\wininet.dll
[2016/09/01 00:10:42 | 002,921,472 | ---- | M] (Microsoft Corporation) MD5=F28B26DE031D6C7AC3F393417191A22F -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.9600.18450_none_05a0e3ac84d20989\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2014/11/21 00:18:00 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=A570A64292214C43E0BA50E6A72A6380 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.17415_none_21fdb3b5d80e199e\wininit.exe
[2017/11/27 20:16:16 | 000,146,944 | ---- | M] (Microsoft Corporation) MD5=D9516405E05F24EDCD90B1988FAF3948 -- C:\WINDOWS\SysNative\wininit.exe
[2017/11/27 20:16:16 | 000,146,944 | ---- | M] (Microsoft Corporation) MD5=D9516405E05F24EDCD90B1988FAF3948 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.18577_none_21bebfdfd83d0aba\wininit.exe
[2017/11/27 20:02:56 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=EC302D06155F8E3C383750993FCB6B27 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.3.9600.18083_none_21afe54dd848cf8c\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2017/11/27 20:02:56 | 000,572,928 | ---- | M] (Microsoft Corporation) MD5=3F8645885823692D93765817759BE21C -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18083_none_60802d95a8e9a4df\winlogon.exe
[2017/11/27 20:02:56 | 000,572,928 | ---- | M] (Microsoft Corporation) MD5=3F8645885823692D93765817759BE21C -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18083_none_60802d95a8e9a4df\winlogon.exe
[2017/11/27 20:04:27 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\WINDOWS\SysNative\winlogon.exe
[2017/11/27 20:04:27 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\WINDOWS\SysNative\winlogon.exe
[2017/11/27 20:04:27 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18188_none_608530eda8e520b9\winlogon.exe
[2017/11/27 20:04:27 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18188_none_608530eda8e520b9\winlogon.exe
[2014/11/21 00:18:37 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
[2014/11/21 00:18:37 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2014/11/21 00:19:29 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_87a41025e9b6078a\ws2_32.dll
[2014/11/21 00:17:59 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_e3c2aba9a21378c0\ws2_32.dll
[2017/11/27 20:22:23 | 000,363,104 | ---- | M] (Microsoft Corporation) MD5=B9274FE20F2DA0A92A4B0B3E3CBE1C4C -- C:\WINDOWS\SysNative\ws2_32.dll
[2017/11/27 20:22:23 | 000,363,104 | ---- | M] (Microsoft Corporation) MD5=B9274FE20F2DA0A92A4B0B3E3CBE1C4C -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.18341_none_e39e220fa22f83b1\ws2_32.dll
[2017/11/27 20:22:24 | 000,320,720 | ---- | M] (Microsoft Corporation) MD5=F1EEBAFC8DB948A7089CD1B8152548DC -- C:\Windows\SysWOW64\ws2_32.dll
[2017/11/27 20:22:24 | 000,320,720 | ---- | M] (Microsoft Corporation) MD5=F1EEBAFC8DB948A7089CD1B8152548DC -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.18341_none_877f868be9d2127b\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr entControlSet\Control\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2017/11/27 20:16:41 | 013,680,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ieframe.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\* .sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2017/11/27 21:18:12 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-3960534284-2636876331-3666670334-1001\desktop.ini
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:56E2E879

< End of report >

Signaler le contenu de ce document