cjoint

Document format: text/plain

OTL logfile created on: 30/08/2019 11:21:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrateur\Desktop
Windows Vista Server Standard Edition (full installation) Service Pack 2 (Version = 6.0.6003) - Type = NTServer
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1.93 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 52.64% Memory free
4.13 Gb Paging File | 3.37 Gb Available in Paging File | 81.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 180.76 Gb Free Space | 77.62% Space Free | Partition Type: NTFS
Drive M: | 232.88 Gb Total Space | 180.76 Gb Free Space | 77.62% Space Free | Partition Type: NTFS

Computer Name: EASYPRINT | User Name: Administrateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2019/08/30 11:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrateur\Desktop\OTL.exe
PRC - [2019/08/07 06:34:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2019/06/02 22:17:50 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2019/05/30 15:53:50 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2018/11/12 10:43:10 | 000,517,072 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2018/10/06 10:15:12 | 000,601,424 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2018/03/26 21:24:26 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2015/04/11 01:22:42 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2015/01/24 13:17:08 | 000,375,144 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2013/03/07 23:27:06 | 004,407,808 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 11\cbInterface.exe
PRC - [2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010/03/18 11:36:06 | 000,890,445 | ---- | M] () -- C:\Program Files\XPAccess\UserDesktop\files\srvterminal.exe
PRC - [2009/07/02 19:07:04 | 007,596,576 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/04/11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009/04/11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008/08/11 12:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/01/19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008/01/19 09:33:16 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtc.exe
PRC - [2008/01/19 09:33:14 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008/01/19 09:33:05 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2003/04/19 04:06:26 | 000,008,192 | ---- | M] () -- C:\Windows\srvany.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2019/08/30 11:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrateur\Desktop\OTL.exe
MOD - [2019/08/07 07:30:56 | 001,215,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2019/08/07 07:29:15 | 000,783,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2019/08/07 07:29:13 | 000,900,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2019/08/07 07:29:11 | 000,823,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2019/07/16 05:51:00 | 000,300,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2019/07/11 17:30:50 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2019/07/11 04:22:22 | 001,328,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2019/07/11 04:22:22 | 000,576,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2019/07/11 04:22:19 | 001,740,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6003.20589_none_8766a6cee4095a2e\GdiPlus.dll
MOD - [2019/07/10 16:46:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2019/07/09 16:57:18 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2019/07/09 16:57:18 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2019/06/30 16:46:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2019/06/26 03:45:55 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2019/06/13 05:16:59 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2019/06/13 05:16:58 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2019/06/05 16:47:42 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6003.20560_none_45cbef42227da0b0\comctl32.dll
MOD - [2019/06/02 23:11:21 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2019/06/02 22:17:50 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
MOD - [2019/05/30 16:46:49 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2019/05/30 16:46:49 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
MOD - [2019/05/30 16:46:49 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2019/05/30 16:46:48 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
MOD - [2019/05/30 16:46:48 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2019/05/30 16:46:45 | 001,010,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2019/05/25 01:48:40 | 011,591,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2019/05/23 22:33:34 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2019/05/10 16:48:14 | 002,269,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2019/05/10 16:48:11 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2019/02/14 05:39:19 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2019/01/30 10:35:25 | 002,531,840 | ---- | M] (TODO: <Company name>) -- C:\Users\Administrateur\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x86\iconOverlay.dll
MOD - [2018/12/14 21:45:40 | 009,756,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2018/12/14 21:43:55 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2018/12/14 21:43:20 | 001,132,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2018/12/14 21:42:16 | 001,808,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2018/11/12 10:43:12 | 000,028,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,025,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,024,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,024,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,022,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,021,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,020,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,020,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll
MOD - [2018/11/12 10:43:12 | 000,020,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,020,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,020,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,019,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-sysinfo-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,019,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-processenvironment-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-memory-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-libraryloader-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-console-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-util-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-string-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-namedpipe-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-heap-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-handle-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-interlocked-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,018,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-errorhandling-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,017,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-rtlsupport-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,017,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-profile-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,017,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-debug-l1-1-0.dll
MOD - [2018/11/12 10:43:12 | 000,017,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\api-ms-win-core-datetime-l1-1-0.dll
MOD - [2018/11/12 10:43:10 | 000,517,072 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2018/11/12 10:43:09 | 001,441,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozavcodec.dll
MOD - [2018/11/12 10:43:09 | 001,340,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2018/11/12 10:43:09 | 000,440,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\MSVCP140.dll
MOD - [2018/11/12 10:43:09 | 000,409,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2018/11/12 10:43:09 | 000,360,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2018/11/12 10:43:09 | 000,154,576 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozavutil.dll
MOD - [2018/11/12 10:43:09 | 000,125,392 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2018/11/12 10:43:09 | 000,096,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2018/11/12 10:43:09 | 000,052,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\lgpllibs.dll
MOD - [2018/11/12 10:43:08 | 000,917,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\ucrtbase.dll
MOD - [2018/11/12 10:43:08 | 000,149,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2018/11/12 10:43:07 | 052,390,864 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2018/11/12 10:43:07 | 000,083,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\VCRUNTIME140.dll
MOD - [2018/10/06 10:15:12 | 000,601,424 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2018/08/28 21:01:46 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2018/06/20 16:54:50 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2018/06/11 16:58:06 | 001,324,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll
MOD - [2018/06/08 17:44:10 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
MOD - [2018/05/23 05:17:06 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2018/04/26 16:48:09 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2018/02/10 09:09:56 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll
MOD - [2017/12/09 03:15:53 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2017/08/11 05:03:49 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2017/06/12 00:32:20 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2017/02/11 17:25:03 | 000,682,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
MOD - [2017/02/11 17:23:00 | 001,073,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
MOD - [2016/11/11 18:59:01 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2016/10/07 17:52:18 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2016/05/12 17:33:59 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2016/05/10 17:31:47 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2016/05/10 17:31:17 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2016/03/18 19:10:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2015/12/05 19:03:06 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
MOD - [2015/01/24 13:17:22 | 000,108,392 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\rntfywnd.dll
MOD - [2015/01/24 13:17:18 | 002,704,240 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.dll
MOD - [2015/01/24 13:17:08 | 000,375,144 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
MOD - [2015/01/24 13:17:07 | 001,526,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianDll.dll
MOD - [2014/12/06 05:14:36 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2013/10/22 09:19:59 | 000,158,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2013/10/11 04:07:57 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2013/07/26 09:13:21 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2013/03/07 23:27:06 | 004,407,808 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 11\cbInterface.exe
MOD - [2012/06/29 18:01:42 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2011/12/14 18:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2011/10/14 18:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2011/08/31 12:14:46 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2011/08/25 18:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2011/01/21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010/06/18 19:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
MOD - [2009/09/04 13:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2009/07/17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009/07/02 19:07:04 | 007,596,576 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MOD - [2009/04/11 08:28:25 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009/04/11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009/04/11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009/04/11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009/04/11 08:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009/04/11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009/04/11 08:28:24 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
MOD - [2009/04/11 08:28:24 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2009/04/11 08:28:23 | 003,174,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2009/04/11 08:28:23 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2009/04/11 08:28:23 | 001,823,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2009/04/11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009/04/11 08:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
MOD - [2009/04/11 08:28:23 | 000,242,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
MOD - [2009/04/11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
MOD - [2009/04/11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009/04/11 08:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009/04/11 08:28:22 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2009/04/11 08:28:22 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2009/04/11 08:28:20 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
MOD - [2009/04/11 08:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009/04/11 08:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2009/04/11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009/04/11 08:28:20 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009/04/11 08:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009/04/11 08:28:19 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009/04/11 08:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009/04/11 08:28:19 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
MOD - [2009/04/11 08:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009/04/11 08:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2009/04/11 08:28:18 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll
MOD - [2009/04/11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009/04/11 08:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2009/04/11 08:28:18 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
MOD - [2009/04/11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
MOD - [2009/04/11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009/04/11 08:27:12 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2009/04/11 08:27:12 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2009/04/11 08:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2009/04/11 08:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2008/08/11 12:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
MOD - [2008/01/19 13:23:31 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2008/01/19 09:37:11 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2008/01/19 09:37:11 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2008/01/19 09:37:11 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2008/01/19 09:37:11 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2008/01/19 09:36:56 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
MOD - [2008/01/19 09:36:55 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2008/01/19 09:36:48 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2008/01/19 09:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008/01/19 09:36:40 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
MOD - [2008/01/19 09:36:37 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008/01/19 09:36:24 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
MOD - [2008/01/19 09:36:17 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
MOD - [2008/01/19 09:36:15 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
MOD - [2008/01/19 09:36:14 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2008/01/19 09:36:12 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2008/01/19 09:36:06 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2008/01/19 09:36:01 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
MOD - [2008/01/19 09:35:59 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2008/01/19 09:35:58 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll
MOD - [2008/01/19 09:35:45 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
MOD - [2008/01/19 09:35:35 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2008/01/19 09:34:55 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2008/01/19 09:34:54 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2008/01/19 09:34:49 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2008/01/19 09:34:08 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
MOD - [2008/01/19 09:34:07 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2008/01/19 09:34:07 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2008/01/19 09:34:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2008/01/19 09:34:02 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2008/01/19 09:33:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008/01/19 09:33:47 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2008/01/19 09:33:42 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2008/01/19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 11:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006/11/02 11:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006/11/02 11:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll
MOD - [2006/11/02 11:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006/11/02 11:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006/11/02 11:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2006/11/02 11:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006/11/02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006/11/02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2006/11/02 11:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll
MOD - [2006/11/02 11:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2006/11/02 11:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006/11/02 11:46:02 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2006/11/02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll
MOD - [2006/11/02 10:22:06 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll


[color=#E56717]========== Services (All) ==========[/color]

SRV - File not found [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2019/07/11 04:22:22 | 000,557,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2019/07/11 04:22:22 | 000,557,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2019/07/11 04:22:22 | 000,155,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2019/07/09 16:57:18 | 000,205,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2019/07/04 00:15:17 | 000,139,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2019/06/13 05:16:59 | 000,316,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2019/06/13 05:16:59 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2019/06/02 23:11:20 | 000,604,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2019/05/30 16:46:45 | 000,139,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2019/05/30 15:58:42 | 001,945,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2019/05/30 15:53:50 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2019/05/30 15:53:50 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2019/05/30 15:53:50 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2019/05/30 15:53:50 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2019/05/10 16:48:11 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2019/05/10 15:54:46 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2018/08/09 16:46:40 | 000,408,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2018/06/28 16:48:50 | 000,494,080 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\cscsvc.dll -- (CscService)
SRV - [2018/06/08 17:44:10 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2018/03/26 22:17:43 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (EventLog)
SRV - [2018/03/26 22:17:43 | 000,557,568 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2017/12/09 03:15:55 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2017/11/02 23:47:31 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2017/08/11 05:03:49 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2017/02/11 17:23:00 | 000,802,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2016/05/12 17:34:03 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2016/05/12 17:34:00 | 000,582,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2016/04/07 17:53:05 | 000,373,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2016/02/06 04:12:18 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2014/12/06 05:14:51 | 000,153,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2014/12/06 05:14:36 | 000,174,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2014/06/27 00:17:19 | 000,879,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2014/05/08 01:42:15 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/11 04:08:02 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2012/07/26 05:20:40 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2010/09/06 18:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010/02/18 15:30:03 | 000,200,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2009/11/25 01:02:34 | 000,449,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\xpa.dll -- (TermService)
SRV - [2009/07/10 13:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/07/10 13:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/06/10 13:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009/04/11 08:28:26 | 000,747,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2009/04/11 08:28:25 | 000,282,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009/04/11 08:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2009/04/11 08:28:25 | 000,212,480 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\umrdp.dll -- (UmRdpService)
SRV - [2009/04/11 08:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/04/11 08:28:25 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009/04/11 08:28:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009/04/11 08:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/04/11 08:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/11 08:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/11 08:28:24 | 000,107,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009/04/11 08:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009/04/11 08:28:24 | 000,060,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/11 08:28:23 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2009/04/11 08:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/04/11 08:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009/04/11 08:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/04/11 08:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2009/04/11 08:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2009/04/11 08:28:17 | 000,148,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2009/04/11 08:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/04/11 08:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009/04/11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/11 08:28:10 | 000,918,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbengine.exe -- (wbengine)
SRV - [2009/04/11 08:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2009/04/11 08:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009/04/11 08:27:53 | 000,078,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rsopprov.exe -- (RSoPProv)
SRV - [2009/04/11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2009/02/18 20:39:20 | 000,043,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/01/19 13:23:32 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sacsvr.dll -- (sacsvr)
SRV - [2008/01/19 13:23:31 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2008/01/19 13:23:31 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FCRegSvc.dll -- (FCRegSvc)
SRV - [2008/01/19 09:36:52 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2008/01/19 09:36:52 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008/01/19 09:36:50 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/19 09:36:50 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/19 09:36:46 | 000,259,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2008/01/19 09:36:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2008/01/19 09:36:39 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2008/01/19 09:36:36 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008/01/19 09:36:21 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/19 09:36:21 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2008/01/19 09:36:15 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2008/01/19 09:36:06 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2008/01/19 09:35:36 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/19 09:35:36 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/19 09:35:27 | 000,052,736 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZIPM12.DLL -- (Pml Driver HPZ12)
SRV - [2008/01/19 09:34:56 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008/01/19 09:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2008/01/19 09:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/19 09:34:42 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008/01/19 09:34:36 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008/01/19 09:34:35 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008/01/19 09:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/01/19 09:34:34 | 000,074,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008/01/19 09:34:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2008/01/19 09:34:08 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2008/01/19 09:34:06 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2008/01/19 09:33:49 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008/01/19 09:33:33 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008/01/19 09:33:16 | 000,105,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2008/01/19 09:33:01 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2006/11/02 11:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006/11/02 11:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2006/11/02 11:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006/11/02 11:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006/11/02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2006/11/02 11:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2003/04/19 04:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\srvany.exe -- (TerminalService)


[color=#E56717]========== Driver Services (All) ==========[/color]

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2019/08/07 06:34:35 | 000,306,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2019/08/07 06:34:28 | 000,149,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2019/08/07 06:34:26 | 000,104,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2019/08/07 06:34:22 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2019/08/07 06:34:13 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2019/07/04 16:48:10 | 000,917,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2019/07/04 16:48:10 | 000,917,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2019/07/04 15:55:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2019/05/30 15:51:45 | 000,217,088 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2019/05/30 15:51:42 | 000,082,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2019/05/30 15:51:40 | 000,108,544 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2019/05/16 16:49:07 | 000,245,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2019/04/19 04:56:54 | 000,149,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2019/04/19 04:56:45 | 000,291,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2019/04/19 04:56:35 | 000,049,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2019/04/19 04:56:35 | 000,011,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2019/04/19 04:56:34 | 000,051,432 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2019/04/19 04:56:34 | 000,013,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2019/04/19 04:56:24 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2019/04/19 04:04:56 | 000,250,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2019/04/06 15:07:22 | 000,451,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2019/03/29 03:34:35 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2019/03/08 01:07:47 | 000,186,368 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT)
DRV - [2019/03/05 09:01:15 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2019/02/16 22:24:05 | 001,083,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2019/02/16 06:19:58 | 000,227,328 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2019/02/16 06:19:54 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2019/02/16 06:19:54 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2019/02/16 06:19:54 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2019/02/14 04:44:22 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2018/12/11 21:20:37 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2018/12/11 21:20:37 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2018/12/11 21:20:34 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2018/12/11 21:20:33 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2018/11/11 17:50:41 | 000,159,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2018/09/07 23:08:34 | 000,638,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2018/08/09 15:55:31 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2018/07/18 15:52:43 | 000,069,120 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2018/06/28 15:53:34 | 000,352,256 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\csc.sys -- (CSC)
DRV - [2018/03/26 22:39:57 | 000,526,528 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2018/03/26 22:39:56 | 000,189,120 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2018/03/26 21:26:33 | 000,413,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2018/03/26 21:26:29 | 000,074,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV - [2018/03/26 21:26:29 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2018/03/26 21:22:01 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2017/08/11 02:23:23 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2017/07/04 00:12:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2017/05/10 18:01:33 | 000,056,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)
DRV - [2017/04/04 16:35:41 | 000,273,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\afd.sys -- (AFD)
DRV - [2016/02/02 17:30:36 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2015/01/24 13:17:09 | 000,086,912 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2013/06/29 04:07:15 | 000,197,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2013/06/29 04:07:04 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2013/06/27 01:01:59 | 000,527,064 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2013/06/15 13:23:33 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2013/05/30 07:42:06 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2012/07/26 04:33:43 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2012/05/01 16:03:49 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012/03/21 01:28:50 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2012/02/29 15:32:37 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2011/05/05 15:54:07 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2011/05/05 15:54:07 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2010/02/18 13:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009/12/10 10:40:52 | 000,197,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6032.sys -- (e1kexpress)
DRV - [2009/09/21 14:20:26 | 000,028,632 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2009/07/24 12:30:12 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/02 18:29:04 | 002,656,160 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - [2009/04/11 08:32:49 | 000,014,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2009/04/11 08:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/04/11 08:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (disk)
DRV - [2009/04/11 08:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2009/04/11 08:32:28 | 000,027,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/04/11 06:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/04/11 06:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009/04/11 06:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/04/11 06:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009/04/11 06:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/04/11 06:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009/04/11 06:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 12:40:34 | 000,010,144 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008/02/22 18:53:00 | 000,016,168 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV - [2008/01/19 13:23:32 | 000,088,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sacdrv.sys -- (sacdrv)
DRV - [2008/01/19 13:23:25 | 000,396,288 | ---- | M] (Broadcom Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bxvbdx.sys -- (b06bdrv)
DRV - [2008/01/19 13:23:25 | 000,185,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2008/01/19 13:23:25 | 000,042,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\storflt.sys -- (storflt)
DRV - [2008/01/19 13:23:25 | 000,037,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2008/01/19 13:23:25 | 000,031,232 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\qd26032.sys -- (ioatdma)
DRV - [2008/01/19 13:23:25 | 000,015,816 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\s3cap.sys -- (s3cap)
DRV - [2008/01/19 09:43:42 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/19 09:43:20 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/19 09:43:16 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/19 09:43:14 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR)
DRV - [2008/01/19 09:43:11 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/19 09:43:08 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/19 09:43:07 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)
DRV - [2008/01/19 09:43:03 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/19 09:43:01 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/19 09:42:56 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/19 09:42:55 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/19 09:42:54 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/19 09:42:52 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2008/01/19 09:42:46 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/19 09:42:41 | 000,081,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2008/01/19 09:42:40 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/19 09:42:39 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2008/01/19 09:42:38 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/19 09:42:35 | 000,179,256 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2008/01/19 09:42:35 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV - [2008/01/19 09:42:33 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV - [2008/01/19 09:42:32 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)
DRV - [2008/01/19 09:42:31 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/19 09:42:30 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2008/01/19 09:42:27 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)
DRV - [2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)
DRV - [2008/01/19 09:42:21 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2008/01/19 09:42:18 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/19 09:42:12 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/19 09:42:07 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/19 09:42:04 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2008/01/19 09:41:52 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/19 09:41:52 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/19 09:41:46 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/19 09:41:45 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/19 09:41:35 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/19 09:41:31 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2008/01/19 09:41:30 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/19 09:41:25 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/19 09:41:25 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/19 09:41:22 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/19 09:41:20 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/19 09:41:17 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/19 09:41:14 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/19 08:14:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/19 08:01:09 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/19 08:01:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/19 08:01:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/19 08:01:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/19 07:57:16 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/19 07:56:34 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/19 07:56:34 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/19 07:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/19 07:56:29 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/19 07:56:28 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/19 07:56:23 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/01/19 07:55:41 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/19 07:55:40 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/19 07:55:19 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/19 07:55:03 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/19 07:55:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/19 07:53:40 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/19 07:53:39 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/19 07:53:37 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2008/01/19 07:53:33 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/01/19 07:53:25 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir)
DRV - [2008/01/19 07:53:24 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/19 07:53:21 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/01/19 07:53:18 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2008/01/19 07:53:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/19 07:52:19 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/19 07:52:06 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/19 07:52:06 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/19 07:51:02 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2008/01/19 07:49:48 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2008/01/19 07:49:48 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/19 07:49:46 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/19 07:49:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/19 07:49:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/19 07:49:37 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/19 07:49:35 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2008/01/19 07:49:33 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2008/01/19 07:49:29 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2008/01/19 07:49:28 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2008/01/19 07:49:20 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/19 07:49:19 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/19 07:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/19 07:49:18 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/19 07:49:18 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/19 07:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/19 07:49:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/19 07:49:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/19 07:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/19 07:39:33 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2008/01/19 07:32:49 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev)
DRV - [2008/01/19 07:32:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/19 07:30:23 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/19 07:30:07 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/19 07:27:21 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/19 07:27:21 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/19 07:27:21 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2008/01/19 07:27:20 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/19 07:27:20 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/19 06:25:05 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 11:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 09:36:49 | 000,235,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2006/11/02 09:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 08:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/HardAdmin.htm
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\..\SearchScopes\{E4B804C4-8AFD-48FF-A830-C6FECB43E2C6}: "URL" = https://fr.search.yahoo.com/search?p={searchTerms}&intl=fr&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
IE - HKU\S-1-5-21-4136263788-1113573691-2861688713-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.9.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.191.2: C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2: C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/02/28 04:00:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.9.0 ESR\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.9.0 ESR\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2018/01/24 15:32:03 | 000,000,000 | ---D | M]

[2010/03/29 18:00:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrateur\AppData\Roaming\Mozilla\Extensions
[2010/03/29 18:00:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrateur\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2019/08/30 09:45:42 | 000,008,263 | ---- | M] () (No name found) -- C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\3guopuoe.default-1567144921670\features\{f111b43f-5a20-4606-acf9-73361a44e9a1}\hotfix-bug-1548973@mozilla.org.xpi
[2018/11/12 10:43:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/05/08 04:12:56 | 000,106,088 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Cobian Backup 11 interface] C:\Program Files\Cobian Backup 11\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [walogon] C:\Program Files\XPAccess\UserDesktop\files\runwconsole.exe ()
O4 - Startup: C:\Users\albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{875002A1-165B-4DE1-AE4A-BF1D54801EB1}: NameServer = 80.10.246.2,80.10.246.129
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKU\S-1-5-21-4136263788-1113573691-2861688713-500 Winlogon: Shell - (explorer.exe) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2019/08/29 20:33:12 | 000,000,976 | ---- | M] () - C:\autoexec.bat.decryption2019 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 2

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A509B1A7-37EF-4b3f-8CFC-4F3A74704073} - %systemroot%\system32\rundll32.exe iesetup.dll,IEHardenAdmin
ActiveX: {A509B1A8-37EF-4b3f-8CFC-4F3A74704073} - %systemroot%\system32\rundll32.exe iesetup.dll,IEHardenUser
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: TermService - C:\Windows\System32\xpa.dll (Microsoft Corporation)
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: sacsvr - C:\Windows\System32\sacsvr.dll (Microsoft Corporation)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - C:\Windows\System32\sacsvr.dll (Microsoft Corporation)
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TabletInputService - Service
SafeBootMin: WudfRd - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NativeWifiP - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - C:\Windows\System32\sacsvr.dll (Microsoft Corporation)
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TabletInputService - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: Wlansvc - Service
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
System Restore Service not available.

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2019/08/30 11:19:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administrateur\Desktop\OTL.exe
[2019/08/30 10:47:38 | 000,000,000 | ---D | C] -- C:\QuickDiag
[2019/08/30 09:48:58 | 000,000,000 | ---D | C] -- C:\Users\Administrateur\AppData\Local\TeamViewer
[2019/08/30 08:02:05 | 000,000,000 | ---D | C] -- C:\Users\Administrateur\Desktop\Anciennes données de Firefox
[2019/08/26 10:16:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2019/08/26 10:16:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2019/08/26 10:16:16 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2019/08/26 10:16:16 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2019/08/26 10:16:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2019/08/26 10:16:15 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2019/08/26 10:16:13 | 000,308,448 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2019/08/26 10:16:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2019/08/26 10:16:11 | 000,654,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2019/08/26 10:16:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2019/08/26 10:16:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2019/08/26 10:16:06 | 002,085,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2019/08/26 10:16:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comcat.dll
[2019/08/26 10:16:04 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2019/08/26 10:16:04 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2019/08/26 10:16:04 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2019/08/26 10:16:02 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2019/08/26 10:16:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2019/08/26 10:16:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleres.dll
[2019/08/26 10:16:00 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2019/08/26 10:16:00 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2019/08/26 10:15:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2019/08/26 10:15:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2019/08/26 10:15:53 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2019/08/26 10:15:51 | 003,501,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2019/08/26 10:15:50 | 003,596,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2019/08/01 08:23:18 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2019/08/01 08:23:08 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2019/08/01 08:23:07 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2019/08/01 08:22:48 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2019/08/01 08:22:46 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2019/08/01 08:22:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2019/08/01 08:22:45 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2019/08/01 08:22:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2019/08/01 08:22:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2019/07/18 08:38:55 | 000,000,000 | ---D | C] -- C:\Users\Administrateur\AppData\Local\Adobe

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2019/08/30 11:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrateur\Desktop\OTL.exe
[2019/08/30 11:09:29 | 000,004,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2019/08/30 11:09:29 | 000,004,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2019/08/30 11:01:40 | 000,000,680 | ---- | M] () -- C:\Users\Administrateur\AppData\Local\d3d9caps.dat
[2019/08/30 10:55:51 | 000,000,051 | ---- | M] () -- C:\lang.ini
[2019/08/30 10:55:32 | 000,252,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2019/08/30 10:55:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2019/08/29 21:35:59 | 003,585,739 | ---- | M] () -- C:\Users\Administrateur\Desktop\LothainDer.exe.decryption2019
[2019/08/29 21:35:59 | 001,505,480 | ---- | M] () -- C:\Users\Administrateur\Desktop\serveur.exe.decryption2019
[2019/08/29 21:35:59 | 000,113,832 | ---- | M] () -- C:\Users\Administrateur\Desktop\ULTIMA.pdf.decryption2019
[2019/08/29 21:35:59 | 000,003,616 | ---- | M] () -- C:\Users\Administrateur\Desktop\test.pdf.decryption2019
[2019/08/29 21:35:58 | 001,221,360 | ---- | M] () -- C:\Users\Administrateur\Desktop\Inapa_CISIACPL_15179.csv.decryption2019
[2019/08/29 21:35:58 | 000,385,424 | ---- | M] () -- C:\Users\Administrateur\Desktop\Logo_non millÇsimÇ_cls.jpg.decryption2019
[2019/08/29 21:35:58 | 000,029,406 | ---- | M] () -- C:\Users\Administrateur\Desktop\lert.pdf.decryption2019
[2019/08/29 21:35:57 | 068,710,232 | ---- | M] () -- C:\Users\Administrateur\Desktop\IMP-habillage Beach flag st chamond v.2.pdf.decryption2019
[2019/08/29 21:35:52 | 271,738,520 | ---- | M] () -- C:\Users\Administrateur\Desktop\AV2010FRA.exe.decryption2019
[2019/08/29 21:35:52 | 000,061,777 | ---- | M] () -- C:\Users\Administrateur\Desktop\Commande n 201805064.pdf.decryption2019
[2019/08/29 21:35:52 | 000,058,991 | ---- | M] () -- C:\Users\Administrateur\Desktop\Commande n 201904335 bombrun.pdf.decryption2019
[2019/08/29 21:35:52 | 000,001,872 | ---- | M] () -- C:\Users\Administrateur\Desktop\BDC_FOURNISSEURS (qube) (Z) - Raccourci.lnk.decryption2019
[2019/08/29 21:35:52 | 000,001,776 | ---- | M] () -- C:\Users\Administrateur\Desktop\FileZilla.lnk.decryption2019
[2019/08/29 21:35:52 | 000,001,456 | ---- | M] () -- C:\Users\Administrateur\Desktop\Easyprint.lnk.decryption2019
[2019/08/29 21:35:51 | 003,393,920 | ---- | M] () -- C:\Users\Administrateur\Desktop\Albert.exe.decryption2019
[2019/08/29 21:35:51 | 000,049,024 | ---- | M] () -- C:\Users\Administrateur\Desktop\How_to_open_files.html
[2019/08/29 21:35:45 | 000,049,024 | ---- | M] () -- C:\Users\Administrateur\Documents\How_to_open_files.html
[2019/08/29 21:35:24 | 000,049,024 | ---- | M] () -- C:\Users\Administrateur\How_to_open_files.html
[2019/08/29 21:35:24 | 000,000,992 | -H-- | M] () -- C:\Users\Administrateur\.uuid.decryption2019
[2019/08/29 21:33:01 | 000,903,136 | ---- | M] () -- C:\ProgramData\Uninstal1.exe.decryption2019
[2019/08/29 21:33:01 | 000,049,024 | ---- | M] () -- C:\ProgramData\How_to_open_files.html
[2019/08/29 21:31:38 | 000,001,008 | ---- | M] () -- C:\lang.ini.decryption2019
[2019/08/29 20:33:18 | 000,049,024 | ---- | M] () -- C:\Users\Public\Documents\How_to_open_files.html
[2019/08/29 20:33:18 | 000,049,024 | ---- | M] () -- C:\Users\Public\Desktop\How_to_open_files.html
[2019/08/29 20:33:18 | 000,002,736 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk.decryption2019
[2019/08/29 20:33:18 | 000,002,592 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk.decryption2019
[2019/08/29 20:33:18 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk.decryption2019
[2019/08/29 20:33:13 | 430,651,079 | ---- | M] () -- C:\BASE6.zip.decryption2019
[2019/08/29 20:33:13 | 000,009,136 | --S- | M] () -- C:\BOOTSECT.BAK.decryption2019
[2019/08/29 20:33:13 | 000,000,960 | ---- | M] () -- C:\config.sys.decryption2019
[2019/08/29 20:33:12 | 000,049,024 | ---- | M] () -- C:\How_to_open_files.html
[2019/08/29 20:33:12 | 000,001,968 | ---- | M] () -- C:\.rnd.decryption2019
[2019/08/29 20:33:12 | 000,000,976 | ---- | M] () -- C:\autoexec.bat.decryption2019
[2019/08/27 17:08:27 | 000,592,628 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2019/08/27 17:08:27 | 000,128,068 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2019/08/27 17:08:27 | 000,104,540 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2019/08/27 17:08:27 | 000,014,096 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2019/08/07 07:30:58 | 003,596,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2019/08/07 07:30:58 | 003,501,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2019/08/07 07:30:57 | 000,171,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2019/08/07 07:30:57 | 000,171,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2019/08/07 07:30:46 | 000,139,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2019/08/07 07:29:15 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2019/08/07 07:29:14 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2019/08/07 07:29:14 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2019/08/07 07:29:14 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2019/08/07 07:29:12 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2019/08/07 06:38:04 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2019/08/07 06:36:37 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2019/08/07 06:34:08 | 000,620,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2019/07/24 01:21:50 | 000,654,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2019/07/16 05:51:01 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2019/07/11 04:22:20 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comcat.dll
[2019/07/11 03:24:34 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleres.dll
[2019/07/11 02:41:07 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2019/07/11 02:41:07 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2019/07/11 02:41:07 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2019/07/10 16:48:41 | 000,308,448 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2019/07/10 16:46:32 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2019/07/10 16:46:29 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2019/07/10 16:46:28 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2019/07/10 16:46:27 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2019/07/10 15:53:06 | 002,085,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2019/07/09 16:57:18 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2019/07/09 16:57:18 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2019/07/04 00:58:21 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2019/08/29 21:35:51 | 000,049,024 | ---- | C] () -- C:\Users\Administrateur\Desktop\How_to_open_files.html
[2019/08/29 21:35:45 | 000,049,024 | ---- | C] () -- C:\Users\Administrateur\Documents\How_to_open_files.html
[2019/08/29 21:35:24 | 000,049,024 | ---- | C] () -- C:\Users\Administrateur\How_to_open_files.html
[2019/08/29 21:33:01 | 000,049,024 | ---- | C] () -- C:\ProgramData\How_to_open_files.html
[2019/08/29 21:31:32 | 000,001,008 | ---- | C] () -- C:\lang.ini.decryption2019
[2019/08/29 21:31:32 | 000,000,051 | ---- | C] () -- C:\lang.ini
[2019/08/29 20:33:18 | 000,049,024 | ---- | C] () -- C:\Users\Public\Documents\How_to_open_files.html
[2019/08/29 20:33:18 | 000,049,024 | ---- | C] () -- C:\Users\Public\Desktop\How_to_open_files.html
[2019/08/29 20:33:12 | 000,049,024 | ---- | C] () -- C:\How_to_open_files.html
[2019/01/30 10:35:32 | 000,000,992 | -H-- | C] () -- C:\Users\Administrateur\.uuid.decryption2019
[2019/01/28 17:20:14 | 002,694,144 | ---- | C] () -- C:\Windows\System32\svhost.exe
[2010/03/09 18:43:18 | 000,903,136 | ---- | C] () -- C:\ProgramData\Uninstal1.exe.decryption2019
[2010/02/26 12:26:37 | 000,000,680 | ---- | C] () -- C:\Users\Administrateur\AppData\Local\d3d9caps.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2008/01/19 13:42:07 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2019/05/25 01:48:40 | 011,591,168 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2010/04/30 09:11:21 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\FileZilla
[2010/05/07 10:53:28 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Novosoft
[2010/04/19 18:14:56 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\OpenOffice.org
[2010/04/30 11:37:10 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Opera
[2019/07/22 10:55:45 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\RDP
[2018/04/16 09:20:15 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Seamless
[2019/08/30 09:48:43 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\TeamViewer
[2017/08/21 08:50:27 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Yahoo
[2010/05/16 23:06:39 | 000,000,000 | ---D | M] -- C:\Users\albert\AppData\Roaming\Novosoft
[2010/09/20 13:32:51 | 000,000,000 | ---D | M] -- C:\Users\albert\AppData\Roaming\OpenOffice.org
[2019/08/29 21:33:50 | 000,000,000 | ---D | M] -- C:\Users\albert\AppData\Roaming\TeamViewer
[2010/06/18 08:21:52 | 000,000,000 | ---D | M] -- C:\Users\commercial1\AppData\Roaming\OpenOffice.org
[2010/05/04 08:30:54 | 000,000,000 | ---D | M] -- C:\Users\commercial1\AppData\Roaming\Opera
[2017/08/30 16:29:50 | 000,000,000 | ---D | M] -- C:\Users\commercial2\AppData\Roaming\OpenOffice.org
[2013/02/20 17:32:38 | 000,000,000 | ---D | M] -- C:\Users\cyril\AppData\Roaming\Novosoft
[2012/06/08 09:38:54 | 000,000,000 | ---D | M] -- C:\Users\cyril\AppData\Roaming\OpenOffice.org
[2010/05/07 15:19:47 | 000,000,000 | ---D | M] -- C:\Users\lothain\AppData\Roaming\Novosoft
[2010/08/16 09:21:22 | 000,000,000 | ---D | M] -- C:\Users\lothain\AppData\Roaming\OpenOffice.org
[2010/04/30 10:49:06 | 000,000,000 | ---D | M] -- C:\Users\lothain\AppData\Roaming\Opera
[2019/08/29 20:33:38 | 000,000,000 | ---D | M] -- C:\Users\lothain\AppData\Roaming\TeamViewer
[2019/08/29 20:33:37 | 000,000,000 | ---D | M] -- C:\Users\lothain\AppData\Roaming\Thunderbird

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\3rd Eye Solutions]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Applications WinDev]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\CTPW Data]

[HKEY_CURRENT_USER\Software\derelict]

[HKEY_CURRENT_USER\Software\ECOFFI]

[HKEY_CURRENT_USER\Software\Ecoffi software]

[HKEY_CURRENT_USER\Software\G DATA]

[HKEY_CURRENT_USER\Software\g3n-h@ckm@n]

[HKEY_CURRENT_USER\Software\Hewlett-Packard]

[HKEY_CURRENT_USER\Software\JavaSoft]

[HKEY_CURRENT_USER\Software\LogMeIn]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\Novosoft]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\OpenOffice.org]

[HKEY_CURRENT_USER\Software\Opera Software]

[HKEY_CURRENT_USER\Software\PC SOFT]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\sysinternals]

[HKEY_CURRENT_USER\Software\TeamViewer]

[HKEY_CURRENT_USER\Software\YahooPartnerToolbar]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKCU\Software\AppDataLow /s >[/color]
[HKEY_CURRENT_USER\Software\AppDataLow\Software]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft\DeploymentProperties]
"deployment.modified.timestamp" = 1502194391320
"deployment.roaming.profile" = false
"deployment.version" = 8
"deployment.expired.version" = 11.77.2
"deployment.browser.path" = C:\Program Files\Mozilla Firefox\firefox.exe -- [2018/11/12 10:43:10 | 000,517,072 | ---- | M] (Mozilla Corporation)
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer\Security]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer\Security\AntiPhishing]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer\Security\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\RepService]
"i" = 9E153CA5-C914-4F33-83E3-E412E88D4806 [binary data]

[color=#A23BEC]< HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]

[color=#A23BEC]< HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\CobianSoft]

[HKEY_LOCAL_MACHINE\Software\CUSTPDF Writer]

[HKEY_LOCAL_MACHINE\Software\Digital River]

[HKEY_LOCAL_MACHINE\Software\famatech]

[HKEY_LOCAL_MACHINE\Software\G DATA]

[HKEY_LOCAL_MACHINE\Software\g3n-h@ckm@n]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\Hewlett-Packard]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\JreMetrics]

[HKEY_LOCAL_MACHINE\Software\LogMeIn]

[HKEY_LOCAL_MACHINE\Software\LogMeIn Ignition]

[HKEY_LOCAL_MACHINE\Software\LogMeIn, Inc.]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Miray]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\Novosoft]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\OpenOffice.org]

[HKEY_LOCAL_MACHINE\Software\Oracle]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[HKEY_LOCAL_MACHINE\Software\SRS Labs]

[HKEY_LOCAL_MACHINE\Software\Sun Microsystems]

[HKEY_LOCAL_MACHINE\Software\Synology]

[HKEY_LOCAL_MACHINE\Software\sysinternals]

[HKEY_LOCAL_MACHINE\Software\TeamViewer]

[HKEY_LOCAL_MACHINE\Software\TrendMicro]

[HKEY_LOCAL_MACHINE\Software\WD]

[HKEY_LOCAL_MACHINE\Software\Windows]

[HKEY_LOCAL_MACHINE\Software\Yahoo]

[color=#A23BEC]< HKCU\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< HKLM\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]
"ShowSuperHidden" = 1
"BindDirectlyToPropertySetStorage" = 0
"NoCDBurning" = 1

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]
"ConsentPromptBehaviorAdmin" = 2
"ConsentPromptBehaviorUser" = 1
"EnableInstallerDetection" = 1
"EnableLUA" = 0
"EnableSecureUIAPaths" = 1
"EnableUIADesktopToggle" = 0
"EnableVirtualization" = 1
"PromptOnSecureDesktop" = 1
"ValidateAdminCodeSignatures" = 0
"disablecad" = 0
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"scforceoption" = 0
"shutdownwithoutlogon" = 0
"undockwithoutlogon" = 1
"FilterAdministratorToken" = 0
"EnableLinkedConnections" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT" = 1
"CF_BITMAP" = 2
"CF_OEMTEXT" = 7
"CF_DIB" = 8
"CF_PALETTE" = 9
"CF_UNICODETEXT" = 13
"CF_DIBV5" = 17

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /s >[/color]

[color=#A23BEC]< HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >[/color]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2019/08/29 20:33:12 | 000,001,968 | ---- | M] () -- C:\.rnd.decryption2019
[2019/08/29 20:33:12 | 000,000,976 | ---- | M] () -- C:\autoexec.bat.decryption2019
[2019/08/29 20:33:13 | 430,651,079 | ---- | M] () -- C:\BASE6.zip.decryption2019
[2017/12/11 23:46:18 | 000,351,168 | RHS- | M] () -- C:\bootmgr
[2019/08/29 20:33:13 | 000,009,136 | --S- | M] () -- C:\BOOTSECT.BAK.decryption2019
[2019/08/29 20:33:13 | 000,000,960 | ---- | M] () -- C:\config.sys.decryption2019
[2019/08/29 20:33:12 | 000,049,024 | ---- | M] () -- C:\How_to_open_files.html
[2019/08/29 20:33:14 | 001,984,432 | ---- | M] () -- C:\Inapa_CISIACPL_15179(1).xls.decryption2019
[2019/08/30 10:55:51 | 000,000,051 | ---- | M] () -- C:\lang.ini
[2019/08/29 21:31:38 | 000,001,008 | ---- | M] () -- C:\lang.ini.decryption2019
[2019/08/30 10:54:58 | 2387,083,264 | -HS- | M] () -- C:\pagefile.sys
[2019/08/30 11:10:13 | 000,076,188 | ---- | M] () -- C:\QuickDiag.txt
[2019/08/30 09:57:38 | 000,002,864 | ---- | M] () -- C:\RakhniDecryptor.1.22.0.0_30.08.2019_09.56.27_log.txt

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2010/03/23 21:36:59 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013/11/28 12:36:09 | 000,000,000 | ---D | M] -- C:\Backupparam
[2019/08/30 06:15:43 | 000,000,000 | ---D | M] -- C:\BASE6
[2019/06/28 10:42:36 | 000,000,000 | -HSD | M] -- C:\Boot
[2008/01/19 13:48:04 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2019/08/05 16:51:13 | 000,000,000 | ---D | M] -- C:\easyprint
[2016/05/12 03:23:41 | 000,000,000 | ---D | M] -- C:\inetpub
[2010/02/26 15:01:03 | 000,000,000 | ---D | M] -- C:\Intel
[2008/01/19 11:40:52 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2010/09/22 11:00:46 | 000,000,000 | ---D | M] -- C:\PHOTOS
[2019/08/30 09:44:12 | 000,000,000 | R--D | M] -- C:\Program Files
[2019/08/29 21:33:01 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2019/08/30 11:10:13 | 000,000,000 | ---D | M] -- C:\QuickDiag
[2010/02/26 15:01:18 | 000,000,000 | ---D | M] -- C:\swsetup
[2019/08/27 22:17:10 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2019/08/29 20:33:13 | 000,000,000 | R--D | M] -- C:\Users
[2019/08/27 16:57:31 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %Homedrive%\Recycler\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.vb* /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.exe /s >[/color]
[2019/08/30 09:45:13 | 000,000,544 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4136263788-1113573691-2861688713-500\$I2TRLU2.exe
[2019/08/30 09:45:13 | 000,000,544 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4136263788-1113573691-2861688713-500\$IE4TID0.exe
[2019/08/30 09:45:13 | 000,000,544 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4136263788-1113573691-2861688713-500\$IUPDWE8.exe
[2019/08/30 09:42:53 | 022,796,808 | ---- | M] (TeamViewer GmbH) -- C:\$Recycle.bin\S-1-5-21-4136263788-1113573691-2861688713-500\$R2TRLU2.exe
[2019/08/30 09:29:10 | 022,796,808 | ---- | M] (TeamViewer GmbH) -- C:\$Recycle.bin\S-1-5-21-4136263788-1113573691-2861688713-500\$RE4TID0.exe
[2019/08/30 09:42:37 | 022,796,808 | ---- | M] (TeamViewer GmbH) -- C:\$Recycle.bin\S-1-5-21-4136263788-1113573691-2861688713-500\$RUPDWE8.exe

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.vb* /s >[/color]

[color=#A23BEC]< %Userprofile%\* >[/color]
[2019/08/29 21:35:24 | 000,000,992 | -H-- | M] () -- C:\Users\Administrateur\.uuid.decryption2019
[2019/08/29 21:35:24 | 000,049,024 | ---- | M] () -- C:\Users\Administrateur\How_to_open_files.html
[2019/08/30 11:20:29 | 003,145,728 | -HS- | M] () -- C:\Users\Administrateur\NTUSER.DAT
[2019/08/30 11:20:29 | 000,262,144 | -H-- | M] () -- C:\Users\Administrateur\ntuser.dat.LOG1
[2010/02/26 12:26:30 | 000,000,000 | -H-- | M] () -- C:\Users\Administrateur\ntuser.dat.LOG2
[2019/08/30 10:53:51 | 000,065,536 | -HS- | M] () -- C:\Users\Administrateur\NTUSER.DAT{7d5ec63a-c5bc-11dc-a02b-0019bbe6a65a}.TM.blf
[2019/08/30 10:53:51 | 000,524,288 | -HS- | M] () -- C:\Users\Administrateur\NTUSER.DAT{7d5ec63a-c5bc-11dc-a02b-0019bbe6a65a}.TMContainer00000000000000000001.regtrans-ms
[2010/02/26 12:26:31 | 000,524,288 | -HS- | M] () -- C:\Users\Administrateur\NTUSER.DAT{7d5ec63a-c5bc-11dc-a02b-0019bbe6a65a}.TMContainer00000000000000000002.regtrans-ms
[2019/08/30 07:59:59 | 000,000,020 | -HS- | M] () -- C:\Users\Administrateur\ntuser.ini
[2019/08/29 21:35:24 | 000,000,976 | -HS- | M] () -- C:\Users\Administrateur\ntuser.ini.decryption2019
[2019/08/29 21:35:24 | 000,003,648 | ---- | M] () -- C:\Users\Administrateur\volshext.log.decryption2019

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2010/05/07 11:10:31 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\.areca
[2016/03/28 05:24:16 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\.oracle_jre_usage
[2019/08/30 09:15:06 | 000,000,000 | -H-D | M] -- C:\Users\Administrateur\AppData
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Application Data
[2010/02/26 12:27:03 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Contacts
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Cookies
[2019/08/30 11:19:53 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Desktop
[2019/08/29 21:35:45 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Documents
[2019/08/30 11:19:53 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Downloads
[2019/08/29 21:35:25 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Favorites
[2019/08/29 21:35:25 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Links
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Local Settings
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Menu Démarrer
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Mes documents
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Modèles
[2019/08/29 21:35:24 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Music
[2019/08/29 21:35:24 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Pictures
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Recent
[2019/08/29 21:35:24 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Saved Games
[2019/08/29 21:35:24 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Searches
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\SendTo
[2010/07/23 09:15:07 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\temp
[2019/08/29 21:35:24 | 000,000,000 | R--D | M] -- C:\Users\Administrateur\Videos
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Voisinage d'impression
[2010/02/26 12:26:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrateur\Voisinage réseau

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2019/08/29 21:33:01 | 000,049,024 | ---- | M] () -- C:\ProgramData\How_to_open_files.html
[2019/08/29 21:33:01 | 000,903,136 | ---- | M] () -- C:\ProgramData\Uninstal1.exe.decryption2019

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2012/04/16 10:35:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2008/01/19 13:48:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2010/02/26 12:25:27 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2008/01/19 13:48:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2008/01/19 13:48:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010/02/26 12:25:27 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2008/01/19 13:48:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/09/05 19:46:53 | 000,000,000 | ---D | M] -- C:\ProgramData\G DATA
[2019/08/29 21:33:24 | 000,000,000 | ---D | M] -- C:\ProgramData\LogMeIn
[2010/02/26 12:25:27 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2010/04/30 10:22:49 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2010/02/26 12:25:27 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2012/10/15 16:08:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2017/07/25 10:09:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Novosoft
[2017/08/21 09:01:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2008/01/19 13:48:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010/04/19 18:14:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2008/01/19 13:48:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2019/08/30 11:01:40 | 000,000,680 | ---- | M] () -- C:\Users\Administrateur\AppData\Local\d3d9caps.dat
[2019/08/30 10:47:39 | 000,054,952 | ---- | M] () -- C:\Users\Administrateur\AppData\Local\GDIPFONTCACHEV1.DAT
[2019/08/30 10:53:43 | 001,441,746 | -H-- | M] () -- C:\Users\Administrateur\AppData\Local\IconCache.db

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2019/07/18 08:38:55 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\Adobe
[2019/06/21 12:28:17 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\CloudStation
[2018/09/18 08:42:34 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\CUSTPDF Writer
[2010/05/04 18:35:22 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\Downloaded Installations
[2010/05/04 19:05:25 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\LogMeIn
[2010/05/04 16:45:47 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\Microsoft
[2010/03/29 18:00:05 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\Mozilla
[2010/04/30 11:37:10 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\Opera
[2010/05/03 14:59:04 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\Safe mirror
[2019/08/30 09:48:58 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\TeamViewer
[2019/08/30 11:10:16 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\Temp
[2010/03/09 17:30:13 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\WDSetup
[2017/08/21 08:49:44 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Local\YSearchUtil

[color=#A23BEC]< %AppData%\* >[/color]
[2019/08/30 09:15:06 | 000,000,000 | ---- | M] () -- C:\Users\Administrateur\AppData\Roaming\processtokill.txt

[color=#A23BEC]< %AppData%\*. >[/color]
[2010/04/23 09:39:12 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Adobe
[2010/04/30 09:11:21 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\FileZilla
[2010/04/19 11:18:53 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Identities
[2010/04/23 09:39:12 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Macromedia
[2010/05/04 16:46:20 | 000,000,000 | --SD | M] -- C:\Users\Administrateur\AppData\Roaming\Microsoft
[2010/03/29 18:00:10 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Mozilla
[2010/05/07 10:53:28 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Novosoft
[2010/04/19 18:14:56 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\OpenOffice.org
[2010/04/30 11:37:10 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Opera
[2019/07/22 10:55:45 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\RDP
[2018/04/16 09:20:15 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Seamless
[2016/03/28 05:24:16 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Sun
[2019/08/30 09:48:43 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\TeamViewer
[2017/08/21 08:50:27 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Yahoo

[color=#A23BEC]< %Userprofile%\Local Settings\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\*. >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave\FlashWritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave\FlashWritableRoot\#SharedObjects\*. >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave FlashWritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave FlashWritableRoot\#SharedObjects\*. >[/color]

[color=#A23BEC]< %programFiles%\* >[/color]
[2008/01/19 13:41:29 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2012/04/16 10:35:57 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/05/07 11:41:21 | 000,000,000 | ---D | M] -- C:\Program Files\Areca
[2010/05/11 09:50:53 | 000,000,000 | ---D | M] -- C:\Program Files\Cobian Backup 10
[2017/10/04 11:24:25 | 000,000,000 | ---D | M] -- C:\Program Files\Cobian Backup 11
[2018/10/24 13:46:13 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/02/26 12:25:27 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2014/01/23 12:44:09 | 000,000,000 | ---D | M] -- C:\Program Files\G Data
[2017/07/24 14:36:11 | 000,000,000 | ---D | M] -- C:\Program Files\HDClone 6 Free Edition
[2010/02/26 15:01:25 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/02/26 15:01:04 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2018/12/21 18:37:54 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2018/10/24 13:46:33 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/04/19 18:14:28 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
[2015/01/24 13:17:36 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn
[2010/05/03 15:58:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2018/11/12 10:43:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2018/11/29 14:38:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2010/05/04 18:37:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2010/02/26 14:57:11 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/04/08 09:36:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2017/10/03 10:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Novosoft
[2010/04/19 18:14:28 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2010/05/04 17:51:04 | 000,000,000 | ---D | M] -- C:\Program Files\Opera
[2010/02/26 15:01:25 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2010/02/26 14:57:11 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2019/01/30 10:09:17 | 000,000,000 | ---D | M] -- C:\Program Files\Synology
[2010/02/26 15:01:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2008/01/19 13:48:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/05/03 17:07:29 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2016/03/09 04:19:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2008/01/19 13:25:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/05/04 18:36:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010/03/24 16:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\XPAccess

[color=#A23BEC]< %programfiles%\Google\Desktop\*. >[/color]

[color=#A23BEC]< %ProgramFiles%\Common Files\* >[/color]

[color=#A23BEC]< %ProgramFiles%\Common Files\*. >[/color]
[2012/04/16 10:35:57 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Adobe
[2014/01/23 12:42:52 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\G DATA
[2010/02/26 15:01:21 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\InstallShield
[2018/10/24 13:46:13 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Java
[2010/05/04 11:34:39 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\microsoft shared
[2018/10/24 13:45:48 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Oracle
[2008/01/19 11:40:52 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Services
[2008/01/19 11:40:52 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\SpeechEngines
[2016/03/09 04:19:13 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\System
[2010/04/18 20:15:46 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Windows Live
Invalid Environment Variable: ProgramFiles(X86)
Invalid Environment Variable: ProgramFiles(X86)

[color=#A23BEC]< %Systemroot%\Installer* >[/color]

[color=#A23BEC]< %Systemroot%\Installer*. >[/color]
[2019/01/30 10:09:22 | 000,000,000 | -HSD | M] -- C:\Windows\Installer

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2011/08/31 12:16:02 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2006/09/18 23:37:10 | 000,013,750 | ---- | M] () -- C:\Windows\system32\pacerprf.ini
[2019/08/27 17:08:27 | 000,827,674 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2008/01/05 13:23:28 | 000,060,124 | ---- | M] () -- C:\Windows\system32\tcpmon.ini

[color=#A23BEC]< %systemroot%\PSS\* /s >[/color]
[2010/02/26 12:32:26 | 000,024,576 | ---- | M] () -- C:\Windows\PSS\boot.backup
[2010/02/26 12:32:25 | 000,021,504 | -H-- | M] () -- C:\Windows\PSS\boot.backup.LOG
[2010/02/26 12:32:25 | 000,000,000 | -H-- | M] () -- C:\Windows\PSS\boot.backup.LOG1
[2010/02/26 12:32:25 | 000,000,000 | -H-- | M] () -- C:\Windows\PSS\boot.backup.LOG2

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2019/08/30 10:55:25 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2019/08/30 10:54:14 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]
[2010/05/03 16:07:00 | 000,003,308 | ---- | M] () -- C:\Windows\system32\Tasks\sync toy easyprint

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2008/01/19 11:41:38 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\syswow64\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\syswow64\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]
[2006/11/02 09:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\system32\ANSI.SYS
[2019/05/16 16:49:07 | 000,245,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clfs.sys
[2006/11/02 09:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\system32\country.sys
[2006/11/02 09:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\system32\HIMEM.SYS
[2006/11/02 09:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\system32\KEY01.SYS
[2006/11/02 09:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\system32\KEYBOARD.SYS
[2006/11/02 09:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\system32\NTDOS.SYS
[2006/11/02 09:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS404.SYS
[2006/11/02 09:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\system32\NTDOS411.SYS
[2006/11/02 09:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\system32\NTDOS412.SYS
[2006/11/02 09:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS804.SYS
[2006/11/02 09:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\system32\NTIO.SYS
[2006/11/02 09:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO404.SYS
[2006/11/02 09:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\system32\NTIO411.SYS
[2006/11/02 09:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\system32\NTIO412.SYS
[2006/11/02 09:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO804.SYS
[2019/07/10 15:53:06 | 002,085,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys

[color=#A23BEC]< dir %Homedrive%\* /S /A:L /C >[/color]
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 1E6C-7AB4
Répertoire de C:\
19/01/2008 13:48 <JONCTION> Documents and Settings [C:\Users]
0 fichier(s) 0 octets
Répertoire de C:\Program Files
26/02/2010 12:25 <JONCTION> Fichiers communs [C:\Program Files\Common Files]
0 fichier(s) 0 octets
Répertoire de C:\Program Files\Common Files\Oracle\Java
24/10/2018 13:45 <JONCTION> javapath [C:\Program Files\Common Files\Oracle\Java\javapath_target_1196030056]
0 fichier(s) 0 octets
Répertoire de C:\Program Files\Windows NT
26/02/2010 12:25 <JONCTION> Accessoires [C:\Program Files\Windows NT\Accessories]
0 fichier(s) 0 octets
Répertoire de C:\ProgramData
19/01/2008 13:48 <JONCTION> Application Data [C:\ProgramData]
26/02/2010 12:25 <JONCTION> Bureau [C:\Users\Public\Desktop]
19/01/2008 13:48 <JONCTION> Desktop [C:\Users\Public\Desktop]
19/01/2008 13:48 <JONCTION> Documents [C:\Users\Public\Documents]
26/02/2010 12:25 <JONCTION> Favoris [C:\Users\Public\Favorites]
19/01/2008 13:48 <JONCTION> Favorites [C:\Users\Public\Favorites]
26/02/2010 12:25 <JONCTION> Menu Démarrer [C:\ProgramData\Microsoft\Windows\Start Menu]
26/02/2010 12:25 <JONCTION> Modèles [C:\ProgramData\Microsoft\Windows\Templates]
19/01/2008 13:48 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
19/01/2008 13:48 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
Répertoire de C:\ProgramData\Microsoft\Windows\Start Menu
26/02/2010 12:25 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\ProgramData\Oracle\Java
24/10/2018 13:46 <JONCTION> javapath [C:\ProgramData\Oracle\Java\javapath_target_1196075343]
0 fichier(s) 0 octets
Répertoire de C:\Users
19/01/2008 13:48 <SYMLINKD> All Users [C:\ProgramData]
19/01/2008 13:48 <JONCTION> Default User [C:\Users\Default]
0 fichier(s) 0 octets
Répertoire de C:\Users\Administrateur
26/02/2010 12:26 <JONCTION> Application Data [C:\Users\Administrateur\AppData\Roaming]
26/02/2010 12:26 <JONCTION> Cookies [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Cookies]
26/02/2010 12:26 <JONCTION> Local Settings [C:\Users\Administrateur\AppData\Local]
26/02/2010 12:26 <JONCTION> Menu Démarrer [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu]
26/02/2010 12:26 <JONCTION> Mes documents [C:\Users\Administrateur\Documents]
26/02/2010 12:26 <JONCTION> Modèles [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Templates]
26/02/2010 12:26 <JONCTION> Recent [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Recent]
26/02/2010 12:26 <JONCTION> SendTo [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo]
26/02/2010 12:26 <JONCTION> Voisinage d'impression [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
26/02/2010 12:26 <JONCTION> Voisinage réseau [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu
26/02/2010 12:26 <JONCTION> Programmes [C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\Administrateur\Documents
26/02/2010 12:26 <JONCTION> Ma musique [C:\Users\Administrateur\Music]
26/02/2010 12:26 <JONCTION> Mes images [C:\Users\Administrateur\Pictures]
26/02/2010 12:26 <JONCTION> Mes vidéos [C:\Users\Administrateur\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\albert
15/03/2010 18:52 <JONCTION> Application Data [C:\Users\albert\AppData\Roaming]
15/03/2010 18:52 <JONCTION> Cookies [C:\Users\albert\AppData\Roaming\Microsoft\Windows\Cookies]
15/03/2010 18:52 <JONCTION> Local Settings [C:\Users\albert\AppData\Local]
15/03/2010 18:52 <JONCTION> Menu Démarrer [C:\Users\albert\AppData\Roaming\Microsoft\Windows\Start Menu]
15/03/2010 18:52 <JONCTION> Mes documents [C:\Users\albert\Documents]
15/03/2010 18:52 <JONCTION> Modèles [C:\Users\albert\AppData\Roaming\Microsoft\Windows\Templates]
15/03/2010 18:52 <JONCTION> Recent [C:\Users\albert\AppData\Roaming\Microsoft\Windows\Recent]
15/03/2010 18:52 <JONCTION> SendTo [C:\Users\albert\AppData\Roaming\Microsoft\Windows\SendTo]
15/03/2010 18:52 <JONCTION> Voisinage d'impression [C:\Users\albert\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
15/03/2010 18:52 <JONCTION> Voisinage réseau [C:\Users\albert\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\albert\AppData\Local
15/03/2010 18:52 <JONCTION> Application Data [C:\Users\albert\AppData\Local]
15/03/2010 18:52 <JONCTION> Historique [C:\Users\albert\AppData\Local\Microsoft\Windows\History]
15/03/2010 18:52 <JONCTION> Temporary Internet Files [C:\Users\albert\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
Répertoire de C:\Users\albert\AppData\Roaming\Microsoft\Windows\Start Menu
15/03/2010 18:52 <JONCTION> Programmes [C:\Users\albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\albert\Documents
15/03/2010 18:52 <JONCTION> Ma musique [C:\Users\albert\Music]
15/03/2010 18:52 <JONCTION> Mes images [C:\Users\albert\Pictures]
15/03/2010 18:52 <JONCTION> Mes vidéos [C:\Users\albert\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\All Users
19/01/2008 13:48 <JONCTION> Application Data [C:\ProgramData]
26/02/2010 12:25 <JONCTION> Bureau [C:\Users\Public\Desktop]
19/01/2008 13:48 <JONCTION> Desktop [C:\Users\Public\Desktop]
19/01/2008 13:48 <JONCTION> Documents [C:\Users\Public\Documents]
26/02/2010 12:25 <JONCTION> Favoris [C:\Users\Public\Favorites]
19/01/2008 13:48 <JONCTION> Favorites [C:\Users\Public\Favorites]
26/02/2010 12:25 <JONCTION> Menu Démarrer [C:\ProgramData\Microsoft\Windows\Start Menu]
26/02/2010 12:25 <JONCTION> Modèles [C:\ProgramData\Microsoft\Windows\Templates]
19/01/2008 13:48 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
19/01/2008 13:48 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
Répertoire de C:\Users\All Users\Microsoft\Windows\Start Menu
26/02/2010 12:25 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\All Users\Oracle\Java
24/10/2018 13:46 <JONCTION> javapath [C:\ProgramData\Oracle\Java\javapath_target_1196075343]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial1
23/03/2010 14:18 <JONCTION> Application Data [C:\Users\commercial1\AppData\Roaming]
23/03/2010 14:18 <JONCTION> Cookies [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Cookies]
23/03/2010 14:18 <JONCTION> Local Settings [C:\Users\commercial1\AppData\Local]
23/03/2010 14:18 <JONCTION> Menu Démarrer [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Start Menu]
23/03/2010 14:18 <JONCTION> Mes documents [C:\Users\commercial1\Documents]
23/03/2010 14:18 <JONCTION> Modèles [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Templates]
23/03/2010 14:18 <JONCTION> Recent [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Recent]
23/03/2010 14:18 <JONCTION> SendTo [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\SendTo]
23/03/2010 14:18 <JONCTION> Voisinage d'impression [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
23/03/2010 14:18 <JONCTION> Voisinage réseau [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial1\AppData\Local
23/03/2010 14:18 <JONCTION> Application Data [C:\Users\commercial1\AppData\Local]
23/03/2010 14:18 <JONCTION> Historique [C:\Users\commercial1\AppData\Local\Microsoft\Windows\History]
23/03/2010 14:18 <JONCTION> Temporary Internet Files [C:\Users\commercial1\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Start Menu
23/03/2010 14:18 <JONCTION> Programmes [C:\Users\commercial1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial1\Documents
23/03/2010 14:18 <JONCTION> Ma musique [C:\Users\commercial1\Music]
23/03/2010 14:18 <JONCTION> Mes images [C:\Users\commercial1\Pictures]
23/03/2010 14:18 <JONCTION> Mes vidéos [C:\Users\commercial1\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial2
23/03/2010 14:21 <JONCTION> Application Data [C:\Users\commercial2\AppData\Roaming]
23/03/2010 14:21 <JONCTION> Cookies [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Cookies]
23/03/2010 14:21 <JONCTION> Local Settings [C:\Users\commercial2\AppData\Local]
23/03/2010 14:21 <JONCTION> Menu Démarrer [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Start Menu]
23/03/2010 14:21 <JONCTION> Mes documents [C:\Users\commercial2\Documents]
23/03/2010 14:21 <JONCTION> Modèles [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Templates]
23/03/2010 14:21 <JONCTION> Recent [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Recent]
23/03/2010 14:21 <JONCTION> SendTo [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\SendTo]
23/03/2010 14:21 <JONCTION> Voisinage d'impression [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
23/03/2010 14:21 <JONCTION> Voisinage réseau [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial2\AppData\Local
23/03/2010 14:21 <JONCTION> Application Data [C:\Users\commercial2\AppData\Local]
23/03/2010 14:21 <JONCTION> Historique [C:\Users\commercial2\AppData\Local\Microsoft\Windows\History]
23/03/2010 14:21 <JONCTION> Temporary Internet Files [C:\Users\commercial2\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Start Menu
23/03/2010 14:21 <JONCTION> Programmes [C:\Users\commercial2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\commercial2\Documents
23/03/2010 14:21 <JONCTION> Ma musique [C:\Users\commercial2\Music]
23/03/2010 14:21 <JONCTION> Mes images [C:\Users\commercial2\Pictures]
23/03/2010 14:21 <JONCTION> Mes vidéos [C:\Users\commercial2\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\cyril
23/03/2010 13:09 <JONCTION> Application Data [C:\Users\cyril\AppData\Roaming]
23/03/2010 13:09 <JONCTION> Cookies [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Cookies]
23/03/2010 13:09 <JONCTION> Local Settings [C:\Users\cyril\AppData\Local]
23/03/2010 13:09 <JONCTION> Menu Démarrer [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu]
23/03/2010 13:09 <JONCTION> Mes documents [C:\Users\cyril\Documents]
23/03/2010 13:09 <JONCTION> Modèles [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Templates]
23/03/2010 13:09 <JONCTION> Recent [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Recent]
23/03/2010 13:09 <JONCTION> SendTo [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\SendTo]
23/03/2010 13:09 <JONCTION> Voisinage d'impression [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
23/03/2010 13:09 <JONCTION> Voisinage réseau [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu
23/03/2010 13:09 <JONCTION> Programmes [C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\cyril\Documents
23/03/2010 13:09 <JONCTION> Ma musique [C:\Users\cyril\Music]
23/03/2010 13:09 <JONCTION> Mes images [C:\Users\cyril\Pictures]
23/03/2010 13:09 <JONCTION> Mes vidéos [C:\Users\cyril\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default
19/01/2008 13:48 <JONCTION> Application Data [C:\Users\Default\AppData\Roaming]
19/01/2008 13:48 <JONCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
19/01/2008 13:48 <JONCTION> Local Settings [C:\Users\Default\AppData\Local]
26/02/2010 12:25 <JONCTION> Menu Démarrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
26/02/2010 12:25 <JONCTION> Mes documents [C:\Users\Default\Documents]
26/02/2010 12:25 <JONCTION> Modèles [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
19/01/2008 13:48 <JONCTION> My Documents [C:\Users\Default\Documents]
19/01/2008 13:48 <JONCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
19/01/2008 13:48 <JONCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19/01/2008 13:48 <JONCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
19/01/2008 13:48 <JONCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
19/01/2008 13:48 <JONCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
19/01/2008 13:48 <JONCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
26/02/2010 12:25 <JONCTION> Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
26/02/2010 12:25 <JONCTION> Voisinage réseau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default\AppData\Local
19/01/2008 13:48 <JONCTION> Application Data [C:\Users\Default\AppData\Local]
26/02/2010 12:25 <JONCTION> Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
19/01/2008 13:48 <JONCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
19/01/2008 13:48 <JONCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
26/02/2010 12:25 <JONCTION> Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default\Documents
26/02/2010 12:25 <JONCTION> Ma musique [C:\Users\Default\Music]
26/02/2010 12:25 <JONCTION> Mes images [C:\Users\Default\Pictures]
26/02/2010 12:25 <JONCTION> Mes vidéos [C:\Users\Default\Videos]
19/01/2008 13:48 <JONCTION> My Music [C:\Users\Default\Music]
19/01/2008 13:48 <JONCTION> My Pictures [C:\Users\Default\Pictures]
19/01/2008 13:48 <JONCTION> My Videos [C:\Users\Default\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\lothain
15/03/2010 18:54 <JONCTION> Application Data [C:\Users\lothain\AppData\Roaming]
15/03/2010 18:54 <JONCTION> Cookies [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Cookies]
15/03/2010 18:54 <JONCTION> Local Settings [C:\Users\lothain\AppData\Local]
15/03/2010 18:54 <JONCTION> Menu Démarrer [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Start Menu]
15/03/2010 18:54 <JONCTION> Mes documents [C:\Users\lothain\Documents]
15/03/2010 18:54 <JONCTION> Modèles [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Templates]
15/03/2010 18:54 <JONCTION> Recent [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Recent]
15/03/2010 18:54 <JONCTION> SendTo [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\SendTo]
15/03/2010 18:54 <JONCTION> Voisinage d'impression [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
15/03/2010 18:54 <JONCTION> Voisinage réseau [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\lothain\AppData\Local
15/03/2010 18:54 <JONCTION> Application Data [C:\Users\lothain\AppData\Local]
15/03/2010 18:54 <JONCTION> Historique [C:\Users\lothain\AppData\Local\Microsoft\Windows\History]
15/03/2010 18:54 <JONCTION> Temporary Internet Files [C:\Users\lothain\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
Répertoire de C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Start Menu
15/03/2010 18:54 <JONCTION> Programmes [C:\Users\lothain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\lothain\Documents
15/03/2010 18:54 <JONCTION> Ma musique [C:\Users\lothain\Music]
15/03/2010 18:54 <JONCTION> Mes images [C:\Users\lothain\Pictures]
15/03/2010 18:54 <JONCTION> Mes vidéos [C:\Users\lothain\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\Public\Documents
26/02/2010 12:25 <JONCTION> Ma musique [C:\Users\Public\Music]
26/02/2010 12:25 <JONCTION> Mes images [C:\Users\Public\Pictures]
26/02/2010 12:25 <JONCTION> Mes vidéos [C:\Users\Public\Videos]
19/01/2008 13:48 <JONCTION> My Music [C:\Users\Public\Music]
19/01/2008 13:48 <JONCTION> My Pictures [C:\Users\Public\Pictures]
19/01/2008 13:48 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\sophie
23/03/2010 14:24 <JONCTION> Application Data [C:\Users\sophie\AppData\Roaming]
23/03/2010 14:24 <JONCTION> Cookies [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Cookies]
23/03/2010 14:24 <JONCTION> Local Settings [C:\Users\sophie\AppData\Local]
23/03/2010 14:24 <JONCTION> Menu Démarrer [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Start Menu]
23/03/2010 14:24 <JONCTION> Mes documents [C:\Users\sophie\Documents]
23/03/2010 14:24 <JONCTION> Modèles [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Templates]
23/03/2010 14:24 <JONCTION> Recent [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Recent]
23/03/2010 14:24 <JONCTION> SendTo [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\SendTo]
23/03/2010 14:24 <JONCTION> Voisinage d'impression [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
23/03/2010 14:24 <JONCTION> Voisinage réseau [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\sophie\AppData\Local
23/03/2010 14:24 <JONCTION> Application Data [C:\Users\sophie\AppData\Local]
23/03/2010 14:24 <JONCTION> Historique [C:\Users\sophie\AppData\Local\Microsoft\Windows\History]
23/03/2010 14:24 <JONCTION> Temporary Internet Files [C:\Users\sophie\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
Répertoire de C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Start Menu
23/03/2010 14:24 <JONCTION> Programmes [C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\sophie\Documents
23/03/2010 14:24 <JONCTION> Ma musique [C:\Users\sophie\Music]
23/03/2010 14:24 <JONCTION> Mes images [C:\Users\sophie\Pictures]
23/03/2010 14:24 <JONCTION> Mes vidéos [C:\Users\sophie\Videos]
0 fichier(s) 0 octets
Total des fichiers listés :
0 fichier(s) 0 octets
175 Rép(s) 194 089 361 408 octets libres

[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2017/04/04 16:35:41 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=1833CB9D5CE04115798242996B5FA6E4 -- C:\Windows\System32\drivers\afd.sys
[2017/04/04 16:35:41 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=1833CB9D5CE04115798242996B5FA6E4 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.19762_none_d98fd1ba5bc24bef\afd.sys
[2011/04/21 15:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[2011/04/21 15:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=48EB99503533C27AC6135648E5474457 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[2015/10/13 16:31:33 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=4A0978779958D8FE8F5849F452BCC812 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.19513_none_d9c6ddd45b98df43\afd.sys
[2017/04/05 16:36:15 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=5BE34B28D36D625C7479A95E21CAF58A -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.24087_none_da08aa2774ebd2b7\afd.sys
[2011/04/21 15:28:53 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=70EE0FC7A0F384DBD929A01384AEEB4B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[2008/01/19 11:05:01 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[2015/10/13 16:24:04 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=994FE77F4BA72432A1FC03A17D177737 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.23823_none_da45ae7f74be954c\afd.sys
[2009/04/11 06:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=A201207363AA900ABF1A388468688570 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[2011/04/21 15:12:21 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=C8AF25017CECB75906A571AC70D2D306 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
[2014/05/30 08:53:22 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=F5272A105F59A7B3B345D9D6D87DA7AD -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.19115_none_d9c8d6d05b971d55\afd.sys
[2014/05/30 11:51:58 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=FA44775936FBCECB679FB30351959757 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.23414_none_da51771d74b59e16\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_f8794617\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008/01/19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_163e56a5\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/01/19 11:05:33 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2008/01/19 07:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\drivers\i8042prt.sys
[2008/01/19 07:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_c568239d\i8042prt.sys
[2008/01/19 07:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\i8042prt.sys
[2008/01/19 07:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_6fb09895\i8042prt.sys
[2008/01/19 07:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\i8042prt.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2015/10/10 17:38:52 | 000,526,272 | ---- | M] (Microsoft Corporation) MD5=0F1F3E5E29927C8054A8A21EE78F9EF6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.23822_none_aa23976a326169bd\ndis.sys
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2018/03/26 22:39:57 | 000,526,528 | ---- | M] (Microsoft Corporation) MD5=5B9297041BE0A60485FCA376340D212F -- C:\Windows\System32\drivers\ndis.sys
[2018/03/26 22:39:57 | 000,526,528 | ---- | M] (Microsoft Corporation) MD5=5B9297041BE0A60485FCA376340D212F -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.24339_none_aa1fa93e32635eed\ndis.sys
[2008/01/19 11:03:19 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2015/10/10 18:02:40 | 000,526,272 | ---- | M] (Microsoft Corporation) MD5=DEC4B200C459FA929B0A764E79904B79 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.19512_none_a9a4c6bf193bb3b4\ndis.sys

[color=#A23BEC]< MD5 for: NETBT.SYS >[/color]
[2016/05/10 16:28:38 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=215FDC77E8D81CEEA3AF80B323B75486 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.23970_none_628925bb0dc0da38\netbt.sys
[2019/03/08 01:07:47 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=54B3C5460823AE897F8A1C447D84F100 -- C:\Windows\System32\drivers\netbt.sys
[2019/03/08 01:07:47 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=54B3C5460823AE897F8A1C447D84F100 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6003.20481_none_6466088d0aee1d73\netbt.sys
[2008/01/19 11:07:59 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7C5FEE5B1C5728507CD96FB4A13E7A02 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys
[2016/05/10 16:28:34 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=BF84E55A9B3AD3CBAB4AAE3BE043E579 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.19655_none_621a266df48e86f1\netbt.sys
[2009/04/11 06:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=ECD64230A59CBD93C85F1CD1CAB9F3F6 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys

[color=#A23BEC]< MD5 for: TDX.SYS >[/color]
[2017/04/05 16:35:36 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=5E554FFE997219A434910B4D7437A732 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.24087_none_ec5e2fe0f2945c1e\tdx.sys
[2009/04/11 06:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=76B06EB8A01FC8624D699E7045303E54 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[2017/04/04 16:35:01 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=8C4B881B0D7A3053D28450171CC5B3EA -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.19762_none_ebe55773d96ad556\tdx.sys
[2015/10/13 16:23:42 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=96047F3342651D36256F6458DD5A2BCC -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.23823_none_ec9b3438f2671eb3\tdx.sys
[2017/07/04 00:12:56 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=98C91F2A0953AF31E6B91EE3AD0CAC56 -- C:\Windows\System32\drivers\tdx.sys
[2017/07/04 00:12:56 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=98C91F2A0953AF31E6B91EE3AD0CAC56 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.19832_none_ec05c91dd9527eaa\tdx.sys
[2017/07/04 00:14:05 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=A0828F1860490A6C089104EF14133BF4 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.24152_none_ec79a018f28086bf\tdx.sys
[2017/05/14 20:29:12 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=BB1544D1F7C0FB77E39012A52AE57B35 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.24105_none_ecb2b092f255470f\tdx.sys
[2017/05/14 19:00:40 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=C048E401DA0858ED5416821A83677CCC -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.19787_none_ebd4b90dd9768beb\tdx.sys
[2008/01/19 11:07:28 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=D09276B1FAB033CE1D40DCBDF303D10F -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
[2015/10/13 16:31:09 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=EC565DFA3D9C45D8083B72DEC5B33710 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.19513_none_ec1c638dd94168aa\tdx.sys

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2012/08/21 13:47:42 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=559F1DB6586DE2EE8E25E172A0CA9A3C -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.22913_none_181f0c08125e385e\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\drivers\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18679_none_175a8da4f96bddf6\volsnap.sys
[2008/01/19 09:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_c4d713d0\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/19 11:02:54 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/19 11:07:22 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2018/03/26 21:24:26 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=F961E097BA86A94D6700DC36157850D9 -- C:\Windows\System32\winlogon.exe
[2018/03/26 21:24:26 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=F961E097BA86A94D6700DC36157850D9 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.24339_none_721b7e8deb45cdca\winlogon.exe

< End of report >
