cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 20/02/2021 19:42:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrsou\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 0000040C | Country: | Language: FRA | Date Format: dd/MM/yyyy

3,91 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 27,74% Memory free
6,69 Gb Paging File | 1,54 Gb Available in Paging File | 22,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,84 Gb Total Space | 89,56 Gb Free Space | 76,00% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-H20RHTT | User Name: mrsou | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2021/02/20 19:39:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrsou\Downloads\OTL.exe
PRC - [2021/02/20 16:47:13 | 001,942,400 | ---- | M] (Microsoft Corporation) -- C:\Users\mrsou\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2021/02/15 18:10:24 | 000,243,336 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\IDP\fshoster32.exe
PRC - [2021/02/13 11:40:06 | 000,292,680 | ---- | M] (Google LLC) -- C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
PRC - [2020/10/31 21:50:33 | 000,688,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2020/08/28 23:54:02 | 002,956,088 | ---- | M] (East-Tec) -- C:\Program Files (x86)\east-tec Eraser\etRiskMonitor.exe
PRC - [2020/08/28 23:53:58 | 002,476,856 | ---- | M] (East-Tec) -- C:\Program Files (x86)\east-tec Eraser\etUpdateService.exe
PRC - [2020/08/28 23:53:48 | 002,567,992 | ---- | M] (East-Tec) -- C:\Program Files (x86)\east-tec Eraser\etSCHService.exe
PRC - [2020/08/28 23:53:44 | 002,263,352 | ---- | M] (East-Tec) -- C:\Program Files (x86)\east-tec Eraser\etSCHAgent.exe
PRC - [2020/03/24 17:06:52 | 003,140,080 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSpybotLab.exe
PRC - [2020/03/04 11:31:08 | 004,741,680 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2019/03/19 15:39:22 | 006,787,856 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2019/03/19 15:36:26 | 003,892,080 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2020/10/31 21:50:27 | 000,047,472 | ---- | M] () -- C:\Windows\SysWOW64\umpdc.dll
MOD - [2020/10/31 21:50:24 | 000,611,952 | ---- | M] () -- C:\Windows\SysWOW64\TextShaping.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2021/02/20 18:19:40 | 000,162,392 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:[b]64bit:[/b] - [2021/02/18 20:02:02 | 013,314,512 | ---- | M] (Emsisoft Ltd) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\CommService.exe -- (EmsiCommService)
SRV:[b]64bit:[/b] - [2021/02/18 20:02:02 | 009,730,024 | ---- | M] (Emsisoft Ltd) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV:[b]64bit:[/b] - [2021/02/18 20:02:02 | 001,445,584 | ---- | M] (Emsisoft Ltd) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe -- (EppWsc)
SRV:[b]64bit:[/b] - [2021/02/13 13:42:34 | 007,456,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2021/02/13 01:41:09 | 001,434,216 | ---- | M] (Google LLC) [On_Demand | Stopped] -- C:\Program Files\Google\Chrome\Application\88.0.4324.182\elevation_service.exe -- (GoogleChromeElevationService)
SRV:[b]64bit:[/b] - [2020/11/16 22:07:30 | 000,323,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:51:15 | 000,680,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2020/10/31 21:51:15 | 000,478,208 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:51:00 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:59 | 001,201,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:59 | 000,859,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\assignedaccessmanagersvc.dll -- (AssignedAccessManagerSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:49 | 000,875,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:40 | 000,379,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:38 | 001,293,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:38 | 000,329,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:11 | 000,860,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:07 | 001,488,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:07 | 001,008,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:06 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:06 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:03 | 003,811,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,978,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UdkUserSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:50:00 | 000,988,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:56 | 003,893,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:53 | 000,601,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:53 | 000,567,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:53 | 000,488,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:52 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:51 | 005,871,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:51 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:51 | 000,179,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:49 | 002,428,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:49 | 000,281,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:49 | 000,051,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:44 | 001,495,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:39 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:38 | 001,092,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:35 | 001,531,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:33 | 000,609,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:33 | 000,481,792 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:33 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:32 | 002,102,784 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\windowsudk.shellcommon.dll -- (UdkUserSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:31 | 000,385,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_27ec7)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:31 | 000,385,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:28 | 001,905,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:28 | 000,939,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:27 | 000,747,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:26 | 000,955,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:26 | 000,934,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:26 | 000,439,296 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:26 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:25 | 005,102,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe -- (Sense)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:25 | 001,021,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2020/10/31 21:49:20 | 003,587,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2020/10/22 10:07:46 | 013,617,208 | ---- | M] () [Auto | Running] -- C:\Program Files\RogueKiller\RogueKillerSvc.exe -- (rkrtservice)
SRV:[b]64bit:[/b] - [2020/08/08 09:19:02 | 000,441,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2020/08/08 09:19:01 | 000,351,232 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:53 | 000,756,552 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:46 | 002,193,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:46 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:46 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:46 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:44 | 000,986,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:40 | 001,022,976 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:40 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:40 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:39 | 000,105,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:38 | 001,386,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:38 | 001,188,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:27 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:25 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:25 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:22 | 000,867,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:20 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:19 | 000,130,048 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:17 | 000,597,504 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:17 | 000,224,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:13 | 000,466,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:12 | 001,554,432 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:12 | 000,362,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:09 | 001,222,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:02 | 000,922,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:02 | 000,768,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:02 | 000,389,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:02 | 000,240,176 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:00 | 002,242,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:18:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:57 | 000,994,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:56 | 000,454,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:55 | 001,046,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:55 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:55 | 000,383,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:54 | 001,267,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:54 | 001,253,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:54 | 000,500,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2020/08/08 09:17:54 | 000,392,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2019/12/07 15:53:43 | 000,134,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:10:32 | 000,738,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:54 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,306,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,292,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,292,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,292,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,292,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,292,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,292,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:51 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:47 | 000,325,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:37 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:34 | 000,032,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:33 | 000,341,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:33 | 000,066,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:32 | 000,625,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:32 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:09:09 | 001,263,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:54 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:52 | 000,171,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:52 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:52 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:34 | 000,244,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:34 | 000,085,504 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:33 | 001,191,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:33 | 000,250,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:33 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:33 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:27 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:27 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:27 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:22 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:19 | 000,160,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:16 | 000,842,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:13 | 000,675,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:05 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:05 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:05 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2019/12/07 10:08:05 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2019/10/15 14:50:00 | 000,384,512 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2015/07/03 03:52:12 | 000,246,472 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe -- (SynTPEnhService)
SRV:[b]64bit:[/b] - [2012/09/24 10:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2021/02/17 09:39:45 | 001,523,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.74\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2021/02/15 18:10:24 | 000,243,336 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\IDP\fshoster32.exe -- (fsnethoster_idp)
SRV - [2021/02/15 18:10:24 | 000,243,336 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\IDP\fshoster32.exe -- (fshoster_idp)
SRV - [2021/02/13 12:22:34 | 002,462,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe -- (WdNisSvc)
SRV - [2021/02/13 12:22:34 | 000,128,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe -- (WinDefend)
SRV - [2020/11/07 14:45:54 | 000,213,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/11/07 14:45:54 | 000,213,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2020/10/31 21:50:33 | 000,707,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2020/10/31 21:50:31 | 000,630,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2020/10/31 21:50:27 | 005,431,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2020/10/31 21:50:25 | 001,836,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2020/10/31 21:50:19 | 001,240,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2020/10/31 21:50:17 | 000,751,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2020/10/31 21:50:16 | 000,733,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2020/10/31 21:50:16 | 000,335,360 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\AarSvc.dll -- (AarSvc)
SRV - [2020/10/31 21:49:20 | 003,587,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2020/08/28 23:53:58 | 002,476,856 | ---- | M] (East-Tec) [Auto | Running] -- C:\Program Files (x86)\east-tec Eraser\etUpdateService.exe -- (QSetUpdateService)
SRV - [2020/08/28 23:53:48 | 002,567,992 | ---- | M] (East-Tec) [Auto | Running] -- C:\Program Files (x86)\east-tec Eraser\etSCHService.exe -- (QSetSchedulerService)
SRV - [2020/08/08 09:19:03 | 000,338,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2020/08/08 09:18:37 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2020/08/08 09:18:34 | 000,188,000 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2019/12/07 15:53:42 | 000,104,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2019/12/07 10:09:57 | 000,029,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2019/12/07 10:09:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2019/12/07 10:09:18 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2017/03/09 01:16:10 | 000,300,128 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2021/02/20 16:46:25 | 000,077,496 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:[b]64bit:[/b] - [2021/02/20 16:46:13 | 000,198,248 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt)
DRV:[b]64bit:[/b] - [2021/02/20 16:46:13 | 000,142,416 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection)
DRV:[b]64bit:[/b] - [2021/02/20 16:46:10 | 000,038,032 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\truesight.sys -- (TrueSight)
DRV:[b]64bit:[/b] - [2021/02/18 20:02:02 | 000,155,112 | ---- | M] (Emsisoft Ltd) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\epp.sys -- (epp)
DRV:[b]64bit:[/b] - [2021/02/18 20:02:02 | 000,126,968 | ---- | M] (Emsisoft Ltd) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys -- (eppwfp)
DRV:[b]64bit:[/b] - [2021/02/18 20:02:02 | 000,037,776 | ---- | M] (Emsisoft Ltd) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\eppdisk.sys -- (eppdisk)
DRV:[b]64bit:[/b] - [2021/02/18 20:02:02 | 000,016,808 | ---- | M] (Emsisoft Ltd) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EppElam.sys -- (EppElam)
DRV:[b]64bit:[/b] - [2021/02/13 13:42:47 | 000,220,616 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2021/02/13 13:42:46 | 000,248,992 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2021/02/13 13:42:36 | 000,153,312 | ---- | M] (Malwarebytes) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver)
DRV:[b]64bit:[/b] - [2021/02/13 13:42:34 | 000,019,912 | ---- | M] (Malwarebytes) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MbamElam.sys -- (MbamElam)
DRV:[b]64bit:[/b] - [2021/02/13 12:22:35 | 000,419,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2021/02/13 12:22:35 | 000,071,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2021/02/13 12:22:35 | 000,049,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2020/11/07 16:29:03 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zamguard64.sys -- (ZAM_Guard)
DRV:[b]64bit:[/b] - [2020/11/07 16:29:03 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zam64.sys -- (ZAM)
DRV:[b]64bit:[/b] - [2020/10/31 21:50:47 | 000,104,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2020/10/31 21:50:38 | 000,095,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2020/10/31 21:50:11 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2020/10/31 21:50:11 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2020/10/31 21:50:06 | 000,403,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2020/10/31 21:50:06 | 000,207,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2020/10/31 21:50:01 | 000,322,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msquic.sys -- (MsQuic)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:59 | 000,491,520 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:58 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:52 | 000,113,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:52 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:51 | 000,180,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:39 | 000,183,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:31 | 000,951,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:28 | 000,159,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:27 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:26 | 000,259,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:21 | 000,602,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:21 | 000,305,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:21 | 000,255,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:21 | 000,155,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:21 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:21 | 000,060,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:21 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:20 | 000,418,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:20 | 000,185,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:20 | 000,026,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelTA.sys -- (Telemetry)
DRV:[b]64bit:[/b] - [2020/10/31 21:49:19 | 000,279,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:[b]64bit:[/b] - [2020/08/08 09:18:44 | 000,031,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2020/08/08 09:18:13 | 000,143,160 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2020/08/08 09:17:54 | 000,386,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2020/08/08 09:17:54 | 000,293,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt)
DRV:[b]64bit:[/b] - [2020/08/08 09:17:48 | 000,134,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2020/08/08 09:17:47 | 000,678,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2020/08/08 09:17:47 | 000,647,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2020/08/08 09:17:47 | 000,639,288 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2020/08/08 09:17:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2020/04/24 01:22:30 | 000,064,880 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudqcfilter.sys -- (ssudqcfilter)
DRV:[b]64bit:[/b] - [2020/04/24 01:22:22 | 000,166,760 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2020/04/24 01:22:16 | 000,136,040 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2020/04/16 07:17:02 | 000,069,648 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:[b]64bit:[/b] - [2020/01/10 22:14:50 | 000,069,168 | ---- | M] (Benjamin Höglinger-Stelzer) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViGEmBus.sys -- (ViGEmBus)
DRV:[b]64bit:[/b] - [2019/12/07 15:53:43 | 000,172,544 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smbdirect.sys -- (smbdirect)
DRV:[b]64bit:[/b] - [2019/12/07 15:53:42 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2019/12/07 15:53:41 | 000,041,488 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV:[b]64bit:[/b] - [2019/12/07 15:53:40 | 000,090,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2019/12/07 15:53:38 | 000,174,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV:[b]64bit:[/b] - [2019/12/07 15:53:38 | 000,154,936 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs)
DRV:[b]64bit:[/b] - [2019/12/07 15:53:38 | 000,138,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm)
DRV:[b]64bit:[/b] - [2019/12/07 10:09:48 | 000,072,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:[b]64bit:[/b] - [2019/12/07 10:09:37 | 000,095,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2019/12/07 10:09:34 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\spaceparser.sys -- (spaceparser)
DRV:[b]64bit:[/b] - [2019/12/07 10:09:33 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2019/12/07 10:09:33 | 000,088,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2019/12/07 10:09:05 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2019/12/07 10:09:05 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:49 | 000,347,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:49 | 000,033,592 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:46 | 001,999,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:46 | 000,990,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:46 | 000,234,504 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:41 | 000,097,080 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:41 | 000,078,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:39 | 000,023,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,321,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,160,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,092,984 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,087,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,076,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,076,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:37 | 000,040,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:36 | 000,173,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:36 | 000,086,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:36 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:34 | 000,202,552 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:34 | 000,093,184 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:34 | 000,091,136 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\cimfs.sys -- (CimFS)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:34 | 000,058,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:16 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,415,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,259,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,139,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,059,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,059,392 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:09 | 000,042,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:05 | 000,057,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2019/12/07 10:08:05 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,249,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,089,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,059,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,027,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,023,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,019,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,168,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,103,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,056,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,055,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,041,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,033,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:56 | 000,018,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 001,853,752 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 001,131,320 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,884,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,558,904 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,537,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,319,800 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,305,464 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,168,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,158,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,146,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,138,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,079,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,073,016 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,064,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,043,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,036,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:54 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 001,135,416 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,259,384 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,209,720 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,172,344 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,135,992 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,124,216 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,107,320 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,105,480 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,083,256 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,082,744 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,081,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,068,408 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,063,800 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,058,680 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,031,032 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,026,936 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:53 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 003,418,936 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,533,816 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,260,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,124,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:50 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,324,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,177,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,144,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,066,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,045,568 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdi2c.sys -- (amdi2c)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdgpio2.sys -- (amdgpio2)
DRV:[b]64bit:[/b] - [2019/12/07 10:07:47 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2019/08/14 00:36:34 | 000,116,752 | ---- | M] (VMware, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:[b]64bit:[/b] - [2019/06/21 07:34:36 | 000,019,904 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\Spybot3ELAM.sys -- (Spybot3ELAM)
DRV:[b]64bit:[/b] - [2018/10/23 22:29:28 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV:[b]64bit:[/b] - [2018/10/23 22:29:19 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2018/05/10 13:05:04 | 000,035,560 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppleLowerFilter.sys -- (AppleLowerFilter)
DRV:[b]64bit:[/b] - [2018/05/10 13:05:04 | 000,020,640 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppleKmdfFilter.sys -- (AppleKmdfFilter)
DRV:[b]64bit:[/b] - [2018/05/04 09:03:54 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2017/08/21 09:17:20 | 000,038,664 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (tiehdusb)
DRV:[b]64bit:[/b] - [2017/07/09 21:25:24 | 000,480,800 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2017/03/09 01:16:06 | 005,382,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2017/01/16 07:26:40 | 000,043,648 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_conn_usb_driver.sys -- (ss_conn_usb_driver)
DRV:[b]64bit:[/b] - [2016/03/29 06:01:56 | 000,186,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2015/07/03 03:52:12 | 000,614,088 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2015/05/04 14:54:36 | 003,354,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew01.sys -- (NETwNe64)
DRV:[b]64bit:[/b] - [2014/07/28 17:22:08 | 000,468,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c64x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2013/04/26 08:40:22 | 000,176,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:[b]64bit:[/b] - [2012/09/24 10:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:[b]64bit:[/b] - [2012/09/24 10:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2021/02/20 17:18:49 | 000,024,120 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Users\mrsou\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - [2020/10/31 21:50:35 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2020/08/08 09:17:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys -- (BasicRender)
DRV - [2019/12/07 10:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV - [2019/12/07 10:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV - [2019/12/07 10:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV - [2019/12/07 10:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV - [2019/12/07 10:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV - [2019/12/07 10:07:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys -- (BasicDisplay)
DRV - [2019/12/07 10:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV - [2019/12/07 10:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys -- (UEFI)
DRV - [2019/12/07 10:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV - [2019/12/07 10:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_1\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.5_1\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_1\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja\3.2.8_0\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.21.0_1\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\20.3.10_0\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg\5.17.2_0\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee\2.2.18_0\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfofijpkapingknllefalncmbiienkab\2021.2.1.2_0\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pffijdalbjigmoeepbhkohpgknfgjgej\1.3.1_1\
CHR - Extension: No name found = C:\Users\mrsou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8820.1109.0.1_0\

O1 HOSTS File: ([2021/02/13 13:33:35 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:[b]64bit:[/b] - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.74\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.74\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Emsisoft Anti-Malware] C:\Program Files\Emsisoft Anti-Malware\a2guard.exe (Emsisoft Ltd)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [East-Tec east-tec Eraser Scheduler Agent] C:\Program Files (x86)\east-tec Eraser\etSCHAgent.exe (East-Tec)
O4 - HKLM..\Run: [east-tec Eraser Risk Monitor] C:\WINDOWS\SysWow64\schtasks.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [OneDrive] C:\Users\mrsou\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Uninstall 21.002.0104.0005] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mrsou\AppData\Local\Microsoft\OneDrive\21.002.0104.0005" File not found
O4 - HKCU..\RunOnce: [Uninstall 21.002.0104.0005\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mrsou\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\amd64" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5d76553e-290b-492a-b81f-1fbef5c5c383}: DhcpNameServer = 192.168.0.254
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] InstallService - C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] PushToInstall - C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] TroubleshootingSvc - C:\Windows\SysNative\MitigationClient.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] LxpSvc - C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] WManSvc - C:\Windows\SysNative\Windows.Management.Service.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] TokenBroker - C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UsoSvc - C:\Windows\SysNative\usosvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] XboxGipSvc - C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NaturalAuthentication - C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs: TokenBroker - C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

MsConfig:64bit - State: "bootini" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] AudioEndpointBuilder - C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\psmsrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] CBDHSvc - C:\Windows\SysNative\CBDHSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] hitmanpro37 - Reg Error: Value error.
SafeBootMin:[b]64bit:[/b] hitmanpro37.sys - Reg Error: Value error.
SafeBootMin:[b]64bit:[/b] iai2c.sys - C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
SafeBootMin:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SafeBootMin:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] NgcCtnrSvc - C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] NgcSvc - C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] SerCx2.sys - C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96C-E325-11CE-BFC1-08002BE10318} - Media
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootMin: Base - Driver Group
SafeBootMin: BasicDisplay.sys - C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin: BasicRender.sys - C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys (Microsoft Corporation)
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: hitmanpro37 - Reg Error: Value error.
SafeBootMin: hitmanpro37.sys - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: uefi.sys - C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys (Microsoft Corporation)
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96C-E325-11CE-BFC1-08002BE10318} - Media
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

SafeBootNet:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] AudioEndpointBuilder - C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\psmsrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Browser - Service
SafeBootNet:[b]64bit:[/b] CBDHSvc - C:\Windows\SysNative\CBDHSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] hitmanpro37 - Reg Error: Value error.
SafeBootNet:[b]64bit:[/b] hitmanpro37.sys - Reg Error: Value error.
SafeBootNet:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] mrxsmb10 - Driver
SafeBootNet:[b]64bit:[/b] MsQuic - C:\Windows\SysNative\drivers\msquic.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] NgcCtnrSvc - C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NgcSvc - C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SerCx2.sys - C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96C-E325-11CE-BFC1-08002BE10318} - Media
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware
SafeBootNet: Base - Driver Group
SafeBootNet: BasicDisplay.sys - C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet: BasicRender.sys - C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys (Microsoft Corporation)
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Browser - Service
SafeBootNet: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro37 - Reg Error: Value error.
SafeBootNet: hitmanpro37.sys - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: mrxsmb10 - Driver
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: uefi.sys - C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys (Microsoft Corporation)
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96C-E325-11CE-BFC1-08002BE10318} - Media
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {8F5D9E08-71EC-370E-BA96-36E6EF916DF2} - .NET Framework
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {9459C573-B17A-45AE-9F64-1857B5D58CEE} - "C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.74\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {990CB269-A600-38D0-B7D1-FBD392495F13} - .NET Framework
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2021/02/20 18:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2021/02/20 18:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2021/02/20 18:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2021/02/20 18:15:19 | 000,000,000 | ---D | C] -- C:\Users\mrsou\AppData\Local\Diagnostics
[2021/02/20 17:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2021/02/20 17:45:33 | 000,016,808 | ---- | C] (Emsisoft Ltd) -- C:\WINDOWS\SysNative\drivers\EppElam.sys
[2021/02/20 17:45:23 | 000,037,776 | ---- | C] (Emsisoft Ltd) -- C:\WINDOWS\SysNative\drivers\eppdisk.sys
[2021/02/20 17:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2021/02/20 17:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2021/02/20 17:27:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2021/02/20 17:27:39 | 000,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2021/02/20 17:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
[2021/02/20 17:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F-Secure
[2021/02/20 17:04:23 | 000,000,000 | ---D | C] -- C:\Users\mrsou\AppData\Local\F-Secure
[2021/02/20 17:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2021/02/20 16:46:25 | 000,077,496 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2021/02/20 16:46:13 | 000,198,248 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2021/02/20 16:46:13 | 000,142,416 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2021/02/13 15:33:02 | 000,040,960 | ---- | C] (Asmwsoft.com) -- C:\WINDOWS\SysWow64\hist.ocx
[2021/02/13 15:33:02 | 000,040,960 | ---- | C] (Asmwsoft.com) -- C:\WINDOWS\SysNative\hist.ocx
[2021/02/13 15:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmwsoft PC Optimizer
[2021/02/13 15:33:01 | 001,070,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscomctl.ocx
[2021/02/13 15:33:01 | 000,659,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Mscomct2.ocx
[2021/02/13 15:33:01 | 000,233,526 | ---- | C] (asmw soft systems) -- C:\WINDOWS\SysWow64\asmwmenu.dll
[2021/02/13 15:33:01 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\richtx32.ocx
[2021/02/13 15:33:01 | 000,170,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Comct232.ocx
[2021/02/13 15:33:01 | 000,155,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comdlg32.ocx
[2021/02/13 15:33:01 | 000,151,552 | ---- | C] (Asmw Soft Systems www.asmwsoft.com) -- C:\WINDOWS\SysWow64\style.ocx
[2021/02/13 15:33:01 | 000,133,120 | ---- | C] (Info-ZIP) -- C:\WINDOWS\SysWow64\zip32.dll
[2021/02/13 15:33:01 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Msinet.ocx
[2021/02/13 15:33:01 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Mswinsck.ocx
[2021/02/13 15:33:01 | 000,077,824 | ---- | C] (Ala S. Wrawreh) -- C:\WINDOWS\SysWow64\Alafile.ocx
[2021/02/13 15:33:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wbemdisp.tlb
[2021/02/13 15:33:01 | 000,021,504 | ---- | C] (asmwsoft.com) -- C:\WINDOWS\SysWow64\asmwZipIt.ocx
[2021/02/13 15:33:01 | 000,021,504 | ---- | C] (asmwsoft.com) -- C:\WINDOWS\SysNative\asmwZipIt.ocx
[2021/02/13 15:33:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Asmwsoft PC Optimizer
[2021/02/13 15:24:13 | 000,722,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sedplugins.dll
[2021/02/13 15:24:13 | 000,470,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QualityUpdateAssistant.dll
[2021/02/13 15:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Update Health Tools
[2021/02/13 15:24:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Logs
[2021/02/13 15:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\Aurelitec
[2021/02/13 13:42:47 | 000,220,616 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2021/02/13 13:42:46 | 000,248,992 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2021/02/13 13:42:42 | 000,153,312 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2021/02/13 13:42:42 | 000,019,912 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2021/02/13 12:38:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware
[2021/02/13 11:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\East-Tec
[2021/02/13 11:42:57 | 000,000,000 | ---D | C] -- C:\Users\mrsou\AppData\Roaming\East-Tec
[2021/02/13 11:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2021/02/13 11:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2021/02/13 11:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\east-tec Eraser
[2021/02/13 11:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\east-tec Eraser
[2 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2021/02/20 19:46:26 | 000,270,749 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2021/02/20 19:46:23 | 000,241,716 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2021/02/20 19:26:22 | 000,000,000 | ---- | M] () -- C:\Users\mrsou\defogger_reenable
[2021/02/20 19:06:28 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2021/02/20 18:19:39 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2021/02/20 17:07:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2021/02/20 17:05:43 | 000,007,896 | ---- | M] () -- C:\Users\mrsou\Documents\clé_1b778ce934.png
[2021/02/20 17:04:45 | 000,002,056 | ---- | M] () -- C:\Users\Public\Desktop\F-Secure ID PROTECTION.lnk
[2021/02/20 16:58:10 | 000,002,280 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk
[2021/02/20 16:57:30 | 000,002,204 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2021/02/20 16:53:39 | 001,770,906 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2021/02/20 16:53:39 | 000,792,952 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2021/02/20 16:53:39 | 000,701,544 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2021/02/20 16:53:39 | 000,150,082 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2021/02/20 16:53:39 | 000,133,386 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2021/02/20 16:52:28 | 000,000,036 | ---- | M] () -- C:\Users\mrsou\AppData\Local\housecall.guid.cache
[2021/02/20 16:46:25 | 000,077,496 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2021/02/20 16:46:13 | 000,198,248 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2021/02/20 16:46:13 | 000,142,416 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2021/02/20 16:46:10 | 000,038,032 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\truesight.sys
[2021/02/20 16:45:58 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2021/02/18 20:02:02 | 000,037,776 | ---- | M] (Emsisoft Ltd) -- C:\WINDOWS\SysNative\drivers\eppdisk.sys
[2021/02/18 20:02:02 | 000,016,808 | ---- | M] (Emsisoft Ltd) -- C:\WINDOWS\SysNative\drivers\EppElam.sys
[2021/02/13 15:36:48 | 000,005,687 | ---- | M] () -- C:\WINDOWS\twin.dlt
[2021/02/13 15:36:38 | 000,001,340 | ---- | M] () -- C:\Users\Public\Desktop\Asmwsoft Oneclick Optimizer.lnk
[2021/02/13 15:36:38 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Asmwsoft PC Optimizer.lnk
[2021/02/13 14:06:34 | 000,002,300 | ---- | M] () -- C:\Users\mrsou\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2021/02/13 13:42:57 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2021/02/13 13:42:47 | 000,220,616 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2021/02/13 13:42:46 | 000,248,992 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2021/02/13 13:42:36 | 000,153,312 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2021/02/13 13:42:34 | 000,019,912 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2021/02/13 13:33:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2021/02/13 12:22:35 | 000,419,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2021/02/13 12:22:35 | 000,087,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdDevFlt.sys
[2021/02/13 12:22:35 | 000,071,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2021/02/13 12:22:35 | 000,049,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2021/02/13 12:00:20 | 000,258,768 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2021/02/13 11:42:37 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\east-tec Eraser.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2021/02/20 19:26:22 | 000,000,000 | ---- | C] () -- C:\Users\mrsou\defogger_reenable
[2021/02/20 19:06:28 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2021/02/20 18:19:39 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2021/02/20 17:05:43 | 000,007,896 | ---- | C] () -- C:\Users\mrsou\Documents\clé_1b778ce934.png
[2021/02/20 17:04:45 | 000,002,056 | ---- | C] () -- C:\Users\Public\Desktop\F-Secure ID PROTECTION.lnk
[2021/02/20 16:52:28 | 000,000,036 | ---- | C] () -- C:\Users\mrsou\AppData\Local\housecall.guid.cache
[2021/02/13 15:36:48 | 000,005,687 | ---- | C] () -- C:\WINDOWS\twin.dlt
[2021/02/13 15:33:02 | 000,001,340 | ---- | C] () -- C:\Users\Public\Desktop\Asmwsoft Oneclick Optimizer.lnk
[2021/02/13 15:33:02 | 000,001,232 | ---- | C] () -- C:\Users\Public\Desktop\Asmwsoft PC Optimizer.lnk
[2021/02/13 15:33:01 | 000,270,336 | ---- | C] () -- C:\WINDOWS\SysWow64\hiscl.ocx
[2021/02/13 15:33:01 | 000,102,400 | ---- | C] () -- C:\WINDOWS\SysWow64\Zipit.dll
[2021/02/13 15:33:01 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\FileSearch.dll
[2021/02/13 15:33:01 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysNative\FileSearch.dll
[2021/02/13 15:33:01 | 000,047,616 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\Zipdll.dll
[2021/02/13 15:33:01 | 000,044,544 | ---- | C] () -- C:\WINDOWS\SysWow64\gif89.dll
[2021/02/13 15:08:05 | 000,001,221 | ---- | C] () -- C:\Users\mrsou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PixelHealer.lnk
[2021/02/13 13:42:57 | 000,002,033 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
[2021/02/13 13:42:57 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2021/02/13 12:43:09 | 000,038,032 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\truesight.sys
[2021/02/13 12:00:16 | 000,258,768 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2021/02/13 11:42:37 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\east-tec Eraser.lnk
[2021/02/13 11:37:55 | 000,270,513 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2021/02/13 11:37:55 | 000,241,468 | ---- | C] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2020/11/07 14:11:29 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2020/11/07 14:06:25 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2020/11/07 14:06:25 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2020/11/07 14:06:24 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2020/10/31 21:51:01 | 000,101,688 | ---- | C] () -- C:\WINDOWS\SysWow64\HvsiManagementApi.dll
[2020/10/31 21:50:27 | 000,047,472 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll
[2020/10/31 21:50:26 | 000,455,168 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2020/10/31 21:50:25 | 001,333,248 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2020/10/31 21:50:24 | 000,611,952 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2020/10/31 21:50:19 | 000,266,240 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2019/12/07 10:10:05 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2019/12/07 10:10:05 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat
[2019/12/07 10:10:02 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2019/12/07 10:09:57 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2019/12/07 10:09:22 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2019/12/07 10:09:18 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2019/12/07 10:09:17 | 003,595,776 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2019/12/07 10:09:17 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2019/12/07 10:09:17 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2019/12/07 10:09:17 | 000,060,416 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2019/12/07 10:09:17 | 000,054,784 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2019/12/07 10:09:13 | 000,223,744 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2019/12/07 10:09:11 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2019/12/07 10:09:11 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2019/12/07 10:09:11 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.proxystub.dll
[2019/12/07 10:09:11 | 000,040,448 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2019/12/07 10:09:11 | 000,010,752 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2019/12/07 10:09:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2019/12/07 10:08:58 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2020/10/31 21:49:50 | 007,986,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2020/10/31 21:50:26 | 006,365,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2020/10/31 21:49:29 | 001,075,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2020/10/31 21:50:20 | 000,804,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019/12/07 10:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2019/08/24 15:00:03 | 000,131,072 | ---- | M] () -- C:\BitLockerWinRELog.etl
[2021/02/13 14:27:08 | 000,001,153 | ---- | M] () -- C:\DelFix.txt
[2021/02/20 19:42:57 | 2974,425,088 | -HS- | M] () -- C:\pagefile.sys
[2021/02/20 16:45:58 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2021/02/20 19:14:51 | 000,004,504 | ---- | M] () -- C:\TDSSKiller.3.1.0.28_20.02.2021_19.14.38_log.txt
[2 C:\*.tmp files -> C:\*.tmp -> ]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2020/11/07 14:04:23 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2021/02/13 15:48:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Asmwsoft PC Optimizer
[2020/11/07 14:06:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2021/02/13 15:02:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\east-tec Eraser
[2021/02/20 17:04:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\F-Secure
[2020/11/07 16:48:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2020/11/07 14:09:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2020/11/07 14:46:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2020/11/07 14:06:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2020/11/07 14:09:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2020/11/07 14:09:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2021/02/20 16:46:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2020/11/07 14:08:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2020/11/07 14:06:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2020/11/07 14:09:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2020/11/07 14:06:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform
[2020/11/07 14:08:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2020/11/07 14:08:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2020/11/07 14:06:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2020/11/07 14:06:11 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar
[2020/11/07 14:06:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WindowsPowerShell

[color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color]
[2021/01/31 14:34:10 | 000,002,234 | ---- | M] () MD5=1EA029F2682A2D34484F692E6A618F65 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_5fa3be78baf4da27\f\appmgmts.dll
[2020/10/08 17:29:38 | 000,002,027 | ---- | M] () MD5=3CFB34BCFC07A1C0FB52D33E08827427 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_5fa3be78baf4da27\r\appmgmts.dll
[2021/01/31 14:34:26 | 000,002,027 | ---- | M] () MD5=3CFB34BCFC07A1C0FB52D33E08827427 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_5fa3be78baf4da27\r\appmgmts.dll
[2020/10/31 21:50:56 | 000,002,027 | ---- | M] () MD5=3CFB34BCFC07A1C0FB52D33E08827427 -- C:\Windows\WinSxS\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_5fa3be78baf4da27\r\appmgmts.dll
[2020/10/08 17:37:40 | 000,001,566 | ---- | M] () MD5=4EA12BE4AA6A7097DBB8D82F56E7DDE1 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_69f868caef559c22\f\appmgmts.dll
[2020/10/31 21:50:56 | 000,001,566 | ---- | M] () MD5=4EA12BE4AA6A7097DBB8D82F56E7DDE1 -- C:\Windows\WinSxS\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_69f868caef559c22\f\appmgmts.dll
[2020/10/08 17:29:30 | 000,002,234 | ---- | M] () MD5=81997C91B31CDB2C423979D6FA0BFC87 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_5fa3be78baf4da27\f\appmgmts.dll
[2020/10/31 21:50:56 | 000,002,234 | ---- | M] () MD5=81997C91B31CDB2C423979D6FA0BFC87 -- C:\Windows\WinSxS\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_5fa3be78baf4da27\f\appmgmts.dll
[2020/10/31 21:51:00 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=9F7F9EF3CB7B2DB1DE97A8DC2A8053E7 -- C:\WINDOWS\SysNative\appmgmts.dll
[2020/10/31 21:51:00 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=9F7F9EF3CB7B2DB1DE97A8DC2A8053E7 -- C:\Windows\WinSxS\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_5fa3be78baf4da27\appmgmts.dll
[2021/01/31 14:41:06 | 000,001,566 | ---- | M] () MD5=B212763FE66873615C160B81C3961F17 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_69f868caef559c22\f\appmgmts.dll
[2020/10/08 17:37:40 | 000,001,439 | ---- | M] () MD5=B4C81D636FB6398B0FF6347F5A88A5B9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_69f868caef559c22\r\appmgmts.dll
[2021/01/31 14:41:14 | 000,001,439 | ---- | M] () MD5=B4C81D636FB6398B0FF6347F5A88A5B9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_69f868caef559c22\r\appmgmts.dll
[2020/10/31 21:50:56 | 000,001,439 | ---- | M] () MD5=B4C81D636FB6398B0FF6347F5A88A5B9 -- C:\Windows\WinSxS\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_69f868caef559c22\r\appmgmts.dll
[2020/10/31 21:51:01 | 000,160,768 | ---- | M] (Microsoft Corporation) MD5=F666EB8AC47215DD75540A5965D3F4F1 -- C:\Windows\SysWOW64\appmgmts.dll
[2020/10/31 21:51:01 | 000,160,768 | ---- | M] (Microsoft Corporation) MD5=F666EB8AC47215DD75540A5965D3F4F1 -- C:\Windows\WinSxS\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.19041.572_none_69f868caef559c22\appmgmts.dll

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2020/10/08 17:24:20 | 000,002,587 | ---- | M] () MD5=00E4238A4CD3C75B0EF4F2B8B143D40B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_dual_mshdc.inf_31bf3856ad364e35_10.0.19041.488_none_f947b7c22e6d9081\r\atapi.sys
[2021/01/31 14:27:42 | 000,002,587 | ---- | M] () MD5=00E4238A4CD3C75B0EF4F2B8B143D40B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_dual_mshdc.inf_31bf3856ad364e35_10.0.19041.488_none_f947b7c22e6d9081\r\atapi.sys
[2020/10/31 21:49:19 | 000,002,587 | ---- | M] () MD5=00E4238A4CD3C75B0EF4F2B8B143D40B -- C:\Windows\WinSxS\amd64_dual_mshdc.inf_31bf3856ad364e35_10.0.19041.488_none_f947b7c22e6d9081\r\atapi.sys
[2020/10/08 17:24:20 | 000,002,606 | ---- | M] () MD5=1F1C85627CC7CB047612722BC6442A7E -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_dual_mshdc.inf_31bf3856ad364e35_10.0.19041.488_none_f947b7c22e6d9081\f\atapi.sys
[2021/01/31 14:27:40 | 000,002,606 | ---- | M] () MD5=1F1C85627CC7CB047612722BC6442A7E -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_dual_mshdc.inf_31bf3856ad364e35_10.0.19041.488_none_f947b7c22e6d9081\f\atapi.sys
[2020/10/31 21:49:19 | 000,002,606 | ---- | M] () MD5=1F1C85627CC7CB047612722BC6442A7E -- C:\Windows\WinSxS\amd64_dual_mshdc.inf_31bf3856ad364e35_10.0.19041.488_none_f947b7c22e6d9081\f\atapi.sys
[2020/10/31 21:49:20 | 000,030,024 | ---- | M] (Microsoft Corporation) MD5=C394B2347795AB247F4F4FFAB46B8935 -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2020/10/31 21:49:20 | 000,030,024 | ---- | M] (Microsoft Corporation) MD5=C394B2347795AB247F4F4FFAB46B8935 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_747e4fe53d5ff1ea\atapi.sys
[2020/10/31 21:49:20 | 000,030,024 | ---- | M] (Microsoft Corporation) MD5=C394B2347795AB247F4F4FFAB46B8935 -- C:\Windows\WinSxS\amd64_dual_mshdc.inf_31bf3856ad364e35_10.0.19041.488_none_f947b7c22e6d9081\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2021/02/20 18:09:23 | 000,972,800 | ---- | M] (Microsoft Corporation) MD5=0301386E8E024D70A50F8A774C01D26C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.804_none_c01679182071c269\autochk.exe
[2019/12/07 10:08:46 | 000,972,288 | ---- | M] (Microsoft Corporation) MD5=1089F10A70508032686BAFCEAF132BB0 -- C:\WINDOWS\SysNative\autochk.exe
[2019/12/07 10:08:46 | 000,972,288 | ---- | M] (Microsoft Corporation) MD5=1089F10A70508032686BAFCEAF132BB0 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.1_none_97e4facd611ea96a\autochk.exe
[2021/02/20 18:12:06 | 000,863,744 | ---- | M] (Microsoft Corporation) MD5=26E6642C24CCB193643FD450FF4F4AC9 -- C:\Windows\WinSxS\wow64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.804_none_ca6b236a54d28464\autochk.exe
[2019/12/07 10:09:22 | 000,863,744 | ---- | M] (Microsoft Corporation) MD5=26FC8049B74859DD17C33CA8DDB09903 -- C:\Windows\SysWOW64\autochk.exe
[2019/12/07 10:09:22 | 000,863,744 | ---- | M] (Microsoft Corporation) MD5=26FC8049B74859DD17C33CA8DDB09903 -- C:\Windows\WinSxS\wow64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.1_none_a239a51f957f6b65\autochk.exe
[2021/01/31 14:31:04 | 000,000,854 | ---- | M] () MD5=5925169264E760E766FE0809205D6CB1 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.804_none_c01679182071c269\r\autochk.exe
[2021/01/31 14:43:56 | 000,000,634 | ---- | M] () MD5=82E23BC7A589210246D3C3D71DF7E238 -- C:\Windows\WinSxS\wow64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.804_none_ca6b236a54d28464\f\autochk.exe
[2021/01/31 14:30:58 | 000,000,899 | ---- | M] () MD5=D3C61D06AA5403D727DAD3F41419EBC5 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.804_none_c01679182071c269\f\autochk.exe
[2021/01/31 14:43:58 | 000,000,635 | ---- | M] () MD5=FB043A198D06DB6C42F6504F93DF5DBA -- C:\Windows\WinSxS\wow64_microsoft-windows-autochk_31bf3856ad364e35_10.0.19041.804_none_ca6b236a54d28464\r\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2019/12/07 10:09:00 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=4280B427B81EB8C265F3206E2298761E -- C:\WINDOWS\SysNative\drivers\beep.sys
[2019/12/07 10:09:00 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=4280B427B81EB8C265F3206E2298761E -- C:\Windows\WinSxS\amd64_microsoft-windows-beepsys_31bf3856ad364e35_10.0.19041.1_none_7a11aed6a6faced6\beep.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2020/10/08 17:39:20 | 000,204,422 | ---- | M] () MD5=08F1C70A51C586502F886A5E48088F66 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.572_none_39de27790d0869a8\f\explorer.exe
[2020/10/31 21:50:18 | 000,204,422 | ---- | M] () MD5=08F1C70A51C586502F886A5E48088F66 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.572_none_39de27790d0869a8\f\explorer.exe
[2020/10/08 17:29:38 | 000,231,772 | ---- | M] () MD5=17E920F55D36F2DCB0A531A084C1A455 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.546_none_2fadee12d88bb936\r\explorer.exe
[2020/10/31 21:49:30 | 000,231,772 | ---- | M] () MD5=17E920F55D36F2DCB0A531A084C1A455 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.546_none_2fadee12d88bb936\r\explorer.exe
[2021/01/31 14:42:56 | 000,264,211 | ---- | M] () MD5=2E52FC04EFE7AB86F684A9F6D4A2EABE -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.746_none_3a029c310cec757f\f\explorer.exe
[2021/01/31 14:43:04 | 000,212,173 | ---- | M] () MD5=3AF76A68089728FF27D8B5133E36CEA7 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.746_none_3a029c310cec757f\r\explorer.exe
[2020/03/04 11:31:00 | 006,166,736 | ---- | M] (Safer-Networking Ltd.) MD5=48AD17B820BD04A3523439A4F111541E -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2020/10/31 21:50:18 | 004,012,688 | ---- | M] (Microsoft Corporation) MD5=537FAD154748A9A1114F4EAA6547DB1A -- C:\Windows\SysWOW64\explorer.exe
[2020/10/31 21:50:18 | 004,012,688 | ---- | M] (Microsoft Corporation) MD5=537FAD154748A9A1114F4EAA6547DB1A -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.572_none_39de27790d0869a8\explorer.exe
[2021/01/31 14:32:32 | 000,321,669 | ---- | M] () MD5=64ED82D689956EAC855C22018C368DEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.746_none_2fadf1ded88bb384\f\explorer.exe
[2021/02/20 18:11:02 | 004,124,760 | ---- | M] (Microsoft Corporation) MD5=6C0318E0320C85767DEB30CE42EFFB09 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.746_none_3a029c310cec757f\explorer.exe
[2020/10/31 21:49:30 | 004,590,560 | ---- | M] (Microsoft Corporation) MD5=8916534C5CDB068AAB715B0EBDA01539 -- C:\Windows\explorer.exe
[2020/10/31 21:49:30 | 004,590,560 | ---- | M] (Microsoft Corporation) MD5=8916534C5CDB068AAB715B0EBDA01539 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.546_none_2fadee12d88bb936\explorer.exe
[2021/01/31 14:32:40 | 000,270,485 | ---- | M] () MD5=908B4FA65C1A726684A03E02CA7E55CC -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.746_none_2fadf1ded88bb384\r\explorer.exe
[2021/02/20 18:04:00 | 004,708,328 | ---- | M] (Microsoft Corporation) MD5=A19D650F03BCFFDA514B068CF2DF61BA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.746_none_2fadf1ded88bb384\explorer.exe
[2020/10/08 17:29:32 | 000,265,061 | ---- | M] () MD5=C3DAFD4A2276829C0718F4003CDF520F -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.546_none_2fadee12d88bb936\f\explorer.exe
[2020/10/31 21:49:30 | 000,265,061 | ---- | M] () MD5=C3DAFD4A2276829C0718F4003CDF520F -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.546_none_2fadee12d88bb936\f\explorer.exe
[2020/10/08 17:39:32 | 000,176,631 | ---- | M] () MD5=F4FE9DB5E4131C7666C761A08111CD13 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.572_none_39de27790d0869a8\r\explorer.exe
[2020/10/31 21:50:18 | 000,176,631 | ---- | M] () MD5=F4FE9DB5E4131C7666C761A08111CD13 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.19041.572_none_39de27790d0869a8\r\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2019/12/07 10:08:55 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=2A41AF60430E686985E9101C07A77B80 -- C:\WINDOWS\SysNative\hidserv.dll
[2019/12/07 10:08:55 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=2A41AF60430E686985E9101C07A77B80 -- C:\Windows\WinSxS\amd64_microsoft-windows-hid-user_31bf3856ad364e35_10.0.19041.1_none_8c9d55f126cc2eb2\hidserv.dll
[2019/12/07 10:09:27 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EA4D057F3D2AE3981C7AE04FB020A1C1 -- C:\Windows\SysWOW64\hidserv.dll
[2019/12/07 10:09:27 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EA4D057F3D2AE3981C7AE04FB020A1C1 -- C:\Windows\WinSxS\wow64_microsoft-windows-hid-user_31bf3856ad364e35_10.0.19041.1_none_96f200435b2cf0ad\hidserv.dll

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2019/12/07 10:07:54 | 000,412,176 | ---- | M] (Intel Corporation) MD5=215525477CBDCD07A82AC518BAE3DEC3 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2019/12/07 10:07:54 | 000,412,176 | ---- | M] (Intel Corporation) MD5=215525477CBDCD07A82AC518BAE3DEC3 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_9c09bd1df352f065\iaStorV.sys
[2019/12/07 10:07:54 | 000,412,176 | ---- | M] (Intel Corporation) MD5=215525477CBDCD07A82AC518BAE3DEC3 -- C:\Windows\WinSxS\amd64_dual_iastorv.inf_31bf3856ad364e35_10.0.19041.1_none_dc98afdac988ca55\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2021/01/31 14:28:28 | 000,000,563 | ---- | M] () MD5=047E143DF9F016553CCDEC509A349CF6 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.789_none_8015fa19cba6d775\f\imm32.dll
[2020/10/08 17:37:18 | 000,003,355 | ---- | M] () MD5=0B7EEACB5B00AEC386A6F0F01FD64F6B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_44a40f690d9b0974\r\imm32.dll
[2021/01/31 14:52:30 | 000,003,355 | ---- | M] () MD5=0B7EEACB5B00AEC386A6F0F01FD64F6B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_44a40f690d9b0974\r\imm32.dll
[2020/10/31 21:50:33 | 000,003,355 | ---- | M] () MD5=0B7EEACB5B00AEC386A6F0F01FD64F6B -- C:\Windows\WinSxS\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_44a40f690d9b0974\r\imm32.dll
[2020/10/08 17:30:50 | 000,004,301 | ---- | M] () MD5=19B71F37DDC9B3B2380886645AB5FAF6 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_3a4f6516d93a4779\f\imm32.dll
[2021/01/31 14:34:24 | 000,004,301 | ---- | M] () MD5=19B71F37DDC9B3B2380886645AB5FAF6 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_3a4f6516d93a4779\f\imm32.dll
[2020/10/31 21:50:04 | 000,004,301 | ---- | M] () MD5=19B71F37DDC9B3B2380886645AB5FAF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_3a4f6516d93a4779\f\imm32.dll
[2020/10/08 17:25:22 | 000,000,517 | ---- | M] () MD5=5161DE87666379B9F4F923483E1F03AB -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.572_none_8019c433cba50fd5\r\imm32.dll
[2020/10/31 21:50:06 | 000,185,448 | ---- | M] (Microsoft Corporation) MD5=669D9741E74156425354DDAB8BCC581E -- C:\WINDOWS\SysNative\imm32.dll
[2020/10/31 21:50:06 | 000,185,448 | ---- | M] (Microsoft Corporation) MD5=669D9741E74156425354DDAB8BCC581E -- C:\Windows\WinSxS\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_3a4f6516d93a4779\imm32.dll
[2020/10/08 17:30:52 | 000,004,247 | ---- | M] () MD5=82CF97C5D19D10EC689CE90243024EFA -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_3a4f6516d93a4779\r\imm32.dll
[2021/01/31 14:34:24 | 000,004,247 | ---- | M] () MD5=82CF97C5D19D10EC689CE90243024EFA -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_3a4f6516d93a4779\r\imm32.dll
[2020/10/31 21:50:04 | 000,004,247 | ---- | M] () MD5=82CF97C5D19D10EC689CE90243024EFA -- C:\Windows\WinSxS\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_3a4f6516d93a4779\r\imm32.dll
[2020/10/08 17:25:20 | 000,000,560 | ---- | M] () MD5=964CB7F3863C31E92A567C8ECEC1FA6A -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.572_none_8019c433cba50fd5\f\imm32.dll
[2020/10/08 17:37:18 | 000,003,202 | ---- | M] () MD5=BA96CAAB4D2A18C76FAE8CBFF1EA3AA9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_44a40f690d9b0974\f\imm32.dll
[2021/01/31 14:52:30 | 000,003,202 | ---- | M] () MD5=BA96CAAB4D2A18C76FAE8CBFF1EA3AA9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_44a40f690d9b0974\f\imm32.dll
[2020/10/31 21:50:33 | 000,003,202 | ---- | M] () MD5=BA96CAAB4D2A18C76FAE8CBFF1EA3AA9 -- C:\Windows\WinSxS\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_44a40f690d9b0974\f\imm32.dll
[2021/01/31 14:28:42 | 000,000,521 | ---- | M] () MD5=E369ABE14E095EF1D7FDAF2DC21AC538 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.789_none_8015fa19cba6d775\r\imm32.dll
[2020/10/31 21:50:33 | 000,143,056 | ---- | M] (Microsoft Corporation) MD5=EA15C200B276280E45D06350D123C7D5 -- C:\Windows\SysWOW64\imm32.dll
[2020/10/31 21:50:33 | 000,143,056 | ---- | M] (Microsoft Corporation) MD5=EA15C200B276280E45D06350D123C7D5 -- C:\Windows\WinSxS\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.19041.546_none_44a40f690d9b0974\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2020/10/31 21:50:19 | 000,632,544 | ---- | M] (Microsoft Corporation) MD5=060C574B746E7285F23209D2ECC2EF76 -- C:\Windows\SysWOW64\kernel32.dll
[2020/10/31 21:50:19 | 000,632,544 | ---- | M] (Microsoft Corporation) MD5=060C574B746E7285F23209D2ECC2EF76 -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_7c0bd693e97b9520\kernel32.dll
[2021/01/31 14:35:20 | 000,026,312 | ---- | M] () MD5=11852D71106BBEB27860830D6FACD2AF -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.804_none_71e0710fb4fc2828\r\kernel32.dll
[2021/01/31 14:41:26 | 000,019,886 | ---- | M] () MD5=17019DAF2D49C1812CE5777933194AB2 -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.804_none_7c351b61e95cea23\r\kernel32.dll
[2020/10/08 17:25:20 | 000,004,373 | ---- | M] () MD5=1D7FFB13283D106470BB3076E5A5EEC1 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.572_none_8019c433cba50fd5\f\kernel32.dll
[2021/02/20 18:11:15 | 000,632,544 | ---- | M] (Microsoft Corporation) MD5=2038DA42A851574F2FB0FDD6FE34127D -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.804_none_7c351b61e95cea23\kernel32.dll
[2021/01/31 14:28:46 | 000,004,497 | ---- | M] () MD5=3AE7C8187CE79794794DC9528160F07F -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.789_none_8015fa19cba6d775\r\kernel32.dll
[2021/01/31 14:41:24 | 000,019,720 | ---- | M] () MD5=3D4715B1B2BD774B8A38B2A7BB62F999 -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.804_none_7c351b61e95cea23\f\kernel32.dll
[2021/01/31 14:28:42 | 000,004,555 | ---- | M] () MD5=4C29025F778194385F6466B647F58E05 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.789_none_8015fa19cba6d775\f\kernel32.dll
[2020/10/31 21:49:32 | 000,764,976 | ---- | M] (Microsoft Corporation) MD5=5A2C30DC2BF2C1752A65625DE074B4CD -- C:\WINDOWS\SysNative\kernel32.dll
[2020/10/31 21:49:32 | 000,764,976 | ---- | M] (Microsoft Corporation) MD5=5A2C30DC2BF2C1752A65625DE074B4CD -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_71b72c41b51ad325\kernel32.dll
[2020/10/08 17:38:08 | 000,019,621 | ---- | M] () MD5=68A1958050DE23C3AD5EDDAB96E3D75B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_7c0bd693e97b9520\f\kernel32.dll
[2020/10/31 21:50:18 | 000,019,621 | ---- | M] () MD5=68A1958050DE23C3AD5EDDAB96E3D75B -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_7c0bd693e97b9520\f\kernel32.dll
[2020/10/08 17:31:28 | 000,026,187 | ---- | M] () MD5=6F54A46009BEAA764CF687E08FB555D9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_71b72c41b51ad325\r\kernel32.dll
[2020/10/31 21:49:30 | 000,026,187 | ---- | M] () MD5=6F54A46009BEAA764CF687E08FB555D9 -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_71b72c41b51ad325\r\kernel32.dll
[2021/01/31 14:35:18 | 000,026,818 | ---- | M] () MD5=9801E7A23149F89357B33BBB35C2FB78 -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.804_none_71e0710fb4fc2828\f\kernel32.dll
[2021/02/20 18:05:31 | 000,764,976 | ---- | M] (Microsoft Corporation) MD5=B4A528BC9C2CEA4F21A2A91FAB15D933 -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.804_none_71e0710fb4fc2828\kernel32.dll
[2020/10/08 17:25:22 | 000,004,335 | ---- | M] () MD5=BCEE15B383D6B9888F4E8996458D67C1 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.19041.572_none_8019c433cba50fd5\r\kernel32.dll
[2020/10/08 17:31:26 | 000,026,685 | ---- | M] () MD5=C703107F435B74DEC2C359A0E4B2EEA5 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_71b72c41b51ad325\f\kernel32.dll
[2020/10/31 21:49:30 | 000,026,685 | ---- | M] () MD5=C703107F435B74DEC2C359A0E4B2EEA5 -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_71b72c41b51ad325\f\kernel32.dll
[2020/10/08 17:38:08 | 000,019,806 | ---- | M] () MD5=F60DB8D119B4F6E9FAE06821266B394A -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_7c0bd693e97b9520\r\kernel32.dll
[2020/10/31 21:50:18 | 000,019,806 | ---- | M] () MD5=F60DB8D119B4F6E9FAE06821266B394A -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.19041.546_none_7c0bd693e97b9520\r\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2020/10/08 17:38:34 | 000,006,145 | ---- | M] () MD5=271B7C851E1EB1AE0C0C7764EC8CB3A6 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_a0a14858c07bcb00\r\mswsock.dll
[2021/01/31 14:43:26 | 000,006,145 | ---- | M] () MD5=271B7C851E1EB1AE0C0C7764EC8CB3A6 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_a0a14858c07bcb00\r\mswsock.dll
[2020/10/31 21:50:29 | 000,006,145 | ---- | M] () MD5=271B7C851E1EB1AE0C0C7764EC8CB3A6 -- C:\Windows\WinSxS\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_a0a14858c07bcb00\r\mswsock.dll
[2020/10/31 21:50:31 | 000,324,416 | ---- | M] (Microsoft Corporation) MD5=32ACBB4A0F2EB31E8E69AEF3CBCD8B73 -- C:\Windows\SysWOW64\mswsock.dll
[2020/10/31 21:50:31 | 000,324,416 | ---- | M] (Microsoft Corporation) MD5=32ACBB4A0F2EB31E8E69AEF3CBCD8B73 -- C:\Windows\WinSxS\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_a0a14858c07bcb00\mswsock.dll
[2020/10/08 17:35:58 | 000,011,385 | ---- | M] () MD5=36D8D1F872867CEE328EC836D9AF098B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_964c9e068c1b0905\r\mswsock.dll
[2021/01/31 14:39:34 | 000,011,385 | ---- | M] () MD5=36D8D1F872867CEE328EC836D9AF098B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_964c9e068c1b0905\r\mswsock.dll
[2020/10/31 21:49:59 | 000,011,385 | ---- | M] () MD5=36D8D1F872867CEE328EC836D9AF098B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_964c9e068c1b0905\r\mswsock.dll
[2020/10/08 17:38:18 | 000,006,346 | ---- | M] () MD5=553AA097D664B94DF090C7C11779DF96 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_a0a14858c07bcb00\f\mswsock.dll
[2021/01/31 14:43:26 | 000,006,346 | ---- | M] () MD5=553AA097D664B94DF090C7C11779DF96 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_a0a14858c07bcb00\f\mswsock.dll
[2020/10/31 21:50:29 | 000,006,346 | ---- | M] () MD5=553AA097D664B94DF090C7C11779DF96 -- C:\Windows\WinSxS\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_a0a14858c07bcb00\f\mswsock.dll
[2020/10/31 21:50:01 | 000,418,416 | ---- | M] (Microsoft Corporation) MD5=89CA286E36756DD0DDE53ACD953F44DC -- C:\WINDOWS\SysNative\mswsock.dll
[2020/10/31 21:50:01 | 000,418,416 | ---- | M] (Microsoft Corporation) MD5=89CA286E36756DD0DDE53ACD953F44DC -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_964c9e068c1b0905\mswsock.dll
[2020/10/08 17:35:56 | 000,011,631 | ---- | M] () MD5=9E95D0ABDA1BB864B8195ECE6038AFE7 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_964c9e068c1b0905\f\mswsock.dll
[2021/01/31 14:39:34 | 000,011,631 | ---- | M] () MD5=9E95D0ABDA1BB864B8195ECE6038AFE7 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_964c9e068c1b0905\f\mswsock.dll
[2020/10/31 21:49:59 | 000,011,631 | ---- | M] () MD5=9E95D0ABDA1BB864B8195ECE6038AFE7 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.19041.546_none_964c9e068c1b0905\f\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2021/01/31 14:35:56 | 000,038,630 | ---- | M] () MD5=0CE9A4B3D487F4EC3FA136963112EB05 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.630_none_3753954b86d89f60\r\ndis.sys
[2021/01/31 14:35:54 | 000,041,126 | ---- | M] () MD5=134C0F2E92989BD9C8BBC60CC91B3BA0 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.630_none_3753954b86d89f60\f\ndis.sys
[2020/10/31 21:50:05 | 001,478,464 | ---- | M] (Microsoft Corporation) MD5=18F1DF7BB87C7485AFF14714446CD73E -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2020/10/31 21:50:05 | 001,478,464 | ---- | M] (Microsoft Corporation) MD5=18F1DF7BB87C7485AFF14714446CD73E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.546_none_374ec53586db5634\ndis.sys
[2020/10/08 17:32:34 | 000,039,004 | ---- | M] () MD5=9526232C6EA9FE36C50EB0FFC92CB775 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.546_none_374ec53586db5634\f\ndis.sys
[2020/10/31 21:50:04 | 000,039,004 | ---- | M] () MD5=9526232C6EA9FE36C50EB0FFC92CB775 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.546_none_374ec53586db5634\f\ndis.sys
[2021/02/20 18:09:46 | 001,478,464 | ---- | M] (Microsoft Corporation) MD5=D6A890117CC69363EE01BA9D76E6613D -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.630_none_3753954b86d89f60\ndis.sys
[2020/10/08 17:32:36 | 000,036,196 | ---- | M] () MD5=E46A695AD1C9E98A04D37CDD0A7D446E -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.546_none_374ec53586db5634\r\ndis.sys
[2020/10/31 21:50:04 | 000,036,196 | ---- | M] () MD5=E46A695AD1C9E98A04D37CDD0A7D446E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.19041.546_none_374ec53586db5634\r\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2020/08/08 09:18:21 | 000,028,174 | ---- | M] () MD5=073EA94C54EF2D5F3E1FED1B883ECF9F -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_dba02ab596d6b98e\f\netlogon.dll
[2021/01/31 14:38:18 | 000,027,695 | ---- | M] () MD5=0E81FCB672DEDD9DDEAF56A60457C7F2 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.804_none_dbda431196aa87d1\f\netlogon.dll
[2020/10/08 17:35:22 | 000,027,444 | ---- | M] () MD5=234B40464ADE9034349313888F4BA510 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_dba02ab596d6b98e\r\netlogon.dll
[2020/08/08 09:18:21 | 000,027,444 | ---- | M] () MD5=234B40464ADE9034349313888F4BA510 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_dba02ab596d6b98e\r\netlogon.dll
[2021/02/20 18:09:47 | 000,866,816 | ---- | M] (Microsoft Corporation) MD5=30F2F1D095AA286C044B7BC99D31F353 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.804_none_dbda431196aa87d1\netlogon.dll
[2020/10/08 17:35:22 | 000,028,174 | ---- | M] () MD5=54B4520698A1988DDA3154C992ACD821 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_dba02ab596d6b98e\f\netlogon.dll
[2020/10/08 17:38:58 | 000,008,125 | ---- | M] () MD5=6079AEB451FDE400C9E5D7620FB65741 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_e5f4d507cb377b89\r\netlogon.dll
[2020/08/08 09:18:35 | 000,008,125 | ---- | M] () MD5=6079AEB451FDE400C9E5D7620FB65741 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_e5f4d507cb377b89\r\netlogon.dll
[2021/01/31 14:42:42 | 000,008,022 | ---- | M] () MD5=63B09166CD178EEF554956285549F2E7 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.804_none_e62eed63cb0b49cc\r\netlogon.dll
[2020/08/08 09:18:22 | 000,867,328 | ---- | M] (Microsoft Corporation) MD5=70FABD4BE2CD7091F7D1C2DC194D15E2 -- C:\WINDOWS\SysNative\netlogon.dll
[2020/08/08 09:18:22 | 000,867,328 | ---- | M] (Microsoft Corporation) MD5=70FABD4BE2CD7091F7D1C2DC194D15E2 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_dba02ab596d6b98e\netlogon.dll
[2020/08/08 09:18:36 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=9791632FE28D272958387968DE915442 -- C:\Windows\SysWOW64\netlogon.dll
[2020/08/08 09:18:36 | 000,671,232 | ---- | M] (Microsoft Corporation) MD5=9791632FE28D272958387968DE915442 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_e5f4d507cb377b89\netlogon.dll
[2020/08/08 09:18:35 | 000,010,587 | ---- | M] () MD5=AC8D8DF3DE9A202A042DC41626FEB87B -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_e5f4d507cb377b89\f\netlogon.dll
[2021/02/20 18:12:21 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=BFD941B5E27B087CB99E7249D9618D19 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.804_none_e62eed63cb0b49cc\netlogon.dll
[2021/01/31 14:42:36 | 000,010,176 | ---- | M] () MD5=C441359FEFA99B19513F1CB5B2CB823F -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.804_none_e62eed63cb0b49cc\f\netlogon.dll
[2021/01/31 14:38:20 | 000,027,198 | ---- | M] () MD5=CB13D05C14E7CEC1CF76ACDAC13E7BFB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.804_none_dbda431196aa87d1\r\netlogon.dll
[2020/10/08 17:38:54 | 000,010,587 | ---- | M] () MD5=EE190883649586D2381D525385BE58FB -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.19041.450_none_e5f4d507cb377b89\f\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2020/10/08 17:34:18 | 000,087,838 | ---- | M] () MD5=0A5E5F80F0A3DC8D5517F89E4AA5AE9B -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.508_none_8497b1017b98a6f4\f\ntfs.sys
[2020/10/31 21:50:04 | 000,087,838 | ---- | M] () MD5=0A5E5F80F0A3DC8D5517F89E4AA5AE9B -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.508_none_8497b1017b98a6f4\f\ntfs.sys
[2021/02/20 18:09:43 | 002,852,672 | ---- | M] (Microsoft Corporation) MD5=2323C57DB1D9D6BBA762B3DB5992BC0F -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.804_none_8493b58b7b9c390d\ntfs.sys
[2020/10/08 17:34:26 | 000,089,083 | ---- | M] () MD5=4AAC15ADFCEB3CFD17714159A4526865 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.508_none_8497b1017b98a6f4\r\ntfs.sys
[2020/10/31 21:50:04 | 000,089,083 | ---- | M] () MD5=4AAC15ADFCEB3CFD17714159A4526865 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.508_none_8497b1017b98a6f4\r\ntfs.sys
[2021/01/31 14:36:06 | 000,115,955 | ---- | M] () MD5=52A68B4F229E098675E1478B77D84429 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.804_none_8493b58b7b9c390d\f\ntfs.sys
[2021/01/31 14:36:10 | 000,116,108 | ---- | M] () MD5=6FB4F3A2DC8C2C4FE146E507062EB96C -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.804_none_8493b58b7b9c390d\r\ntfs.sys
[2020/10/31 21:50:04 | 002,851,128 | ---- | M] (Microsoft Corporation) MD5=CDBB82FE58FB8D8F9423BB9EF3498CF3 -- C:\WINDOWS\SysNative\drivers\ntfs.sys
[2020/10/31 21:50:04 | 002,851,128 | ---- | M] (Microsoft Corporation) MD5=CDBB82FE58FB8D8F9423BB9EF3498CF3 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.19041.508_none_8497b1017b98a6f4\ntfs.sys

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2019/12/07 10:07:53 | 000,166,200 | ---- | M] (NVIDIA Corporation) MD5=A11D15751217EEB734033BB5A929B1CD -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2019/12/07 10:07:53 | 000,166,200 | ---- | M] (NVIDIA Corporation) MD5=A11D15751217EEB734033BB5A929B1CD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_144351277838b429\nvstor.sys
[2019/12/07 10:07:53 | 000,166,200 | ---- | M] (NVIDIA Corporation) MD5=A11D15751217EEB734033BB5A929B1CD -- C:\Windows\WinSxS\amd64_dual_nvraid.inf_31bf3856ad364e35_10.0.19041.1_none_b22684d66e0db865\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2019/12/07 10:09:27 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=224AA81092A51AE0080DEE1E454E11AD -- C:\Windows\SysWOW64\proquota.exe
[2019/12/07 10:09:27 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=224AA81092A51AE0080DEE1E454E11AD -- C:\Windows\WinSxS\wow64_microsoft-windows-proquota_31bf3856ad364e35_10.0.19041.1_none_e80cafad6623705f\proquota.exe
[2019/12/07 10:08:55 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=4D60B00A13EAB7734CA1CF92B124B1DA -- C:\WINDOWS\SysNative\proquota.exe
[2019/12/07 10:08:55 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=4D60B00A13EAB7734CA1CF92B124B1DA -- C:\Windows\WinSxS\amd64_microsoft-windows-proquota_31bf3856ad364e35_10.0.19041.1_none_ddb8055b31c2ae64\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2020/10/08 17:27:54 | 000,037,125 | ---- | M] () MD5=12F2A2B2ADF14CD0BFA2277A4D484792 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.488_none_0414e2d5e9c4cd7a\f\qmgr.dll
[2020/10/31 21:49:30 | 000,037,125 | ---- | M] () MD5=12F2A2B2ADF14CD0BFA2277A4D484792 -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.488_none_0414e2d5e9c4cd7a\f\qmgr.dll
[2020/10/08 17:27:58 | 000,036,254 | ---- | M] () MD5=303A2732D121147551C3F19AA1C257CA -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.488_none_0414e2d5e9c4cd7a\r\qmgr.dll
[2020/10/31 21:49:30 | 000,036,254 | ---- | M] () MD5=303A2732D121147551C3F19AA1C257CA -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.488_none_0414e2d5e9c4cd7a\r\qmgr.dll
[2021/02/20 18:06:35 | 001,481,216 | ---- | M] (Microsoft Corporation) MD5=5732D33B38B48A322D7F6A3510387D2B -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.746_none_043e27a3e9a6227d\qmgr.dll
[2020/10/31 21:49:36 | 001,473,024 | ---- | M] (Microsoft Corporation) MD5=C83CFCDDA60970C4DE57030B0330F866 -- C:\WINDOWS\SysNative\qmgr.dll
[2020/10/31 21:49:36 | 001,473,024 | ---- | M] (Microsoft Corporation) MD5=C83CFCDDA60970C4DE57030B0330F866 -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.488_none_0414e2d5e9c4cd7a\qmgr.dll
[2021/01/31 14:30:58 | 000,054,356 | ---- | M] () MD5=E0E040A3CF939DDC991B801C896F6E71 -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.746_none_043e27a3e9a6227d\r\qmgr.dll
[2021/01/31 14:30:56 | 000,057,400 | ---- | M] () MD5=F4C3DF918C9597CCB9F5309CD430FCB0 -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.19041.746_none_043e27a3e9a6227d\f\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2020/08/08 09:18:26 | 000,344,064 | ---- | M] (Microsoft Corporation) MD5=0A7E6CE68D60D0F1D272B82002E6B535 -- C:\WINDOWS\SysNative\scecli.dll
[2020/08/08 09:18:26 | 000,344,064 | ---- | M] (Microsoft Corporation) MD5=0A7E6CE68D60D0F1D272B82002E6B535 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_15f655ce37f84049\scecli.dll
[2020/10/08 17:39:36 | 000,000,376 | ---- | M] () MD5=2026F1D0EA30C699AC95D7447897E0B9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_204b00206c590244\r\scecli.dll
[2021/01/31 14:43:14 | 000,000,376 | ---- | M] () MD5=2026F1D0EA30C699AC95D7447897E0B9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_204b00206c590244\r\scecli.dll
[2020/08/08 09:18:37 | 000,000,376 | ---- | M] () MD5=2026F1D0EA30C699AC95D7447897E0B9 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_204b00206c590244\r\scecli.dll
[2020/08/08 09:18:37 | 000,000,380 | ---- | M] () MD5=44D32DCE50B686030921979A9ADECF5D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_204b00206c590244\f\scecli.dll
[2020/10/08 17:39:36 | 000,000,380 | ---- | M] () MD5=4F40B071728C3A5E6CD7917CFCB38FE4 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_204b00206c590244\f\scecli.dll
[2021/01/31 14:43:10 | 000,000,380 | ---- | M] () MD5=4F40B071728C3A5E6CD7917CFCB38FE4 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_204b00206c590244\f\scecli.dll
[2020/08/08 09:18:24 | 000,000,378 | ---- | M] () MD5=6352E261770D88DD2357764E69E3D925 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_15f655ce37f84049\f\scecli.dll
[2020/10/08 17:36:34 | 000,000,375 | ---- | M] () MD5=725182AC2777716433EDA687B69468F2 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_15f655ce37f84049\r\scecli.dll
[2021/01/31 14:43:18 | 000,000,375 | ---- | M] () MD5=725182AC2777716433EDA687B69468F2 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_15f655ce37f84049\r\scecli.dll
[2020/08/08 09:18:24 | 000,000,375 | ---- | M] () MD5=725182AC2777716433EDA687B69468F2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_15f655ce37f84049\r\scecli.dll
[2020/08/08 09:18:38 | 000,254,464 | ---- | M] (Microsoft Corporation) MD5=CB535A1F73FF7E53CADC7D4047F4017B -- C:\Windows\SysWOW64\scecli.dll
[2020/08/08 09:18:38 | 000,254,464 | ---- | M] (Microsoft Corporation) MD5=CB535A1F73FF7E53CADC7D4047F4017B -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_204b00206c590244\scecli.dll
[2020/10/08 17:35:50 | 000,000,378 | ---- | M] () MD5=E79F8C6F3597E21AFBBA3A7783E2179A -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_15f655ce37f84049\f\scecli.dll
[2021/01/31 14:43:16 | 000,000,378 | ---- | M] () MD5=E79F8C6F3597E21AFBBA3A7783E2179A -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.19041.450_none_15f655ce37f84049\f\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2021/01/31 14:40:20 | 000,006,288 | ---- | M] () MD5=523C5CB1FB81C00CE701E6A2ADD9B06C -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.746_none_b444edee205809db\r\spoolsv.exe
[2020/10/08 17:33:12 | 000,004,087 | ---- | M] () MD5=5CF9F57027A1E22F52C612B94852B3CB -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.423_none_b4578736204a8e7f\f\spoolsv.exe
[2020/08/08 09:17:55 | 000,004,087 | ---- | M] () MD5=5CF9F57027A1E22F52C612B94852B3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.423_none_b4578736204a8e7f\f\spoolsv.exe
[2021/01/31 14:40:16 | 000,006,734 | ---- | M] () MD5=BB8F35C35C8EE30B8916717A7B128E36 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.746_none_b444edee205809db\f\spoolsv.exe
[2020/10/08 17:33:32 | 000,003,857 | ---- | M] () MD5=C010AD2D854F2851FD20E6A9294D3513 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.423_none_b4578736204a8e7f\r\spoolsv.exe
[2020/08/08 09:17:55 | 000,003,857 | ---- | M] () MD5=C010AD2D854F2851FD20E6A9294D3513 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.423_none_b4578736204a8e7f\r\spoolsv.exe
[2020/08/08 09:17:56 | 000,799,232 | ---- | M] (Microsoft Corporation) MD5=C98A3A0395AE60D108CBED7ACEBC0531 -- C:\WINDOWS\SysNative\spoolsv.exe
[2020/08/08 09:17:56 | 000,799,232 | ---- | M] (Microsoft Corporation) MD5=C98A3A0395AE60D108CBED7ACEBC0531 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.423_none_b4578736204a8e7f\spoolsv.exe
[2021/02/20 18:03:04 | 000,799,744 | ---- | M] (Microsoft Corporation) MD5=F1ACFF37D207872BB0A5A73727C41EA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.19041.746_none_b444edee205809db\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2020/10/08 17:35:46 | 000,002,977 | ---- | M] () MD5=0EE554381D54C7E4939A6D2FE124546C -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_93b4a0a1641d085c\f\svchost.exe
[2021/01/31 14:38:24 | 000,002,977 | ---- | M] () MD5=0EE554381D54C7E4939A6D2FE124546C -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_93b4a0a1641d085c\f\svchost.exe
[2020/10/31 21:49:59 | 000,002,977 | ---- | M] () MD5=0EE554381D54C7E4939A6D2FE124546C -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_93b4a0a1641d085c\f\svchost.exe
[2020/10/08 17:39:58 | 000,002,992 | ---- | M] () MD5=1BA5F35D950D6602DBE7B03061D97711 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_9e094af3987dca57\f\svchost.exe
[2021/01/31 14:42:34 | 000,002,992 | ---- | M] () MD5=1BA5F35D950D6602DBE7B03061D97711 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_9e094af3987dca57\f\svchost.exe
[2020/10/31 21:50:29 | 000,002,992 | ---- | M] () MD5=1BA5F35D950D6602DBE7B03061D97711 -- C:\Windows\WinSxS\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_9e094af3987dca57\f\svchost.exe
[2020/10/31 21:50:31 | 000,047,016 | ---- | M] (Microsoft Corporation) MD5=B7C999040D80E5BF87886D70D992C51E -- C:\Windows\SysWOW64\svchost.exe
[2020/10/31 21:50:31 | 000,047,016 | ---- | M] (Microsoft Corporation) MD5=B7C999040D80E5BF87886D70D992C51E -- C:\Windows\WinSxS\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_9e094af3987dca57\svchost.exe
[2020/10/08 17:39:58 | 000,003,162 | ---- | M] () MD5=CF3F4E53C9B599E90DC649777511E1C7 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_9e094af3987dca57\r\svchost.exe
[2021/01/31 14:42:38 | 000,003,162 | ---- | M] () MD5=CF3F4E53C9B599E90DC649777511E1C7 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_9e094af3987dca57\r\svchost.exe
[2020/10/31 21:50:29 | 000,003,162 | ---- | M] () MD5=CF3F4E53C9B599E90DC649777511E1C7 -- C:\Windows\WinSxS\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_9e094af3987dca57\r\svchost.exe
[2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) MD5=F586835082F632DC8D9404D83BC16316 -- C:\WINDOWS\SysNative\svchost.exe
[2020/10/31 21:50:01 | 000,057,360 | ---- | M] (Microsoft Corporation) MD5=F586835082F632DC8D9404D83BC16316 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_93b4a0a1641d085c\svchost.exe
[2020/10/08 17:35:48 | 000,002,978 | ---- | M] () MD5=FD937CB0645436A9E80DDB4F90C0AEB7 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_93b4a0a1641d085c\r\svchost.exe
[2021/01/31 14:38:36 | 000,002,978 | ---- | M] () MD5=FD937CB0645436A9E80DDB4F90C0AEB7 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_93b4a0a1641d085c\r\svchost.exe
[2020/10/31 21:49:59 | 000,002,978 | ---- | M] () MD5=FD937CB0645436A9E80DDB4F90C0AEB7 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.19041.546_none_93b4a0a1641d085c\r\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2021/01/31 14:40:16 | 000,010,317 | ---- | M] () MD5=5857CEB7A32D4C4EE1779F45E161295E -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.789_none_6c704dc2b33117f0\r\termsrv.dll
[2020/10/08 17:35:26 | 000,000,408 | ---- | M] () MD5=5A16C9F62C683B06A7B7ABA198BC1505 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.84_none_86425f0082618114\r\termsrv.dll
[2020/08/08 09:18:41 | 000,000,408 | ---- | M] () MD5=5A16C9F62C683B06A7B7ABA198BC1505 -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.84_none_86425f0082618114\r\termsrv.dll
[2020/10/08 17:35:24 | 000,000,410 | ---- | M] () MD5=7313AF8EB734CBCDAB4387A6315C8706 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.84_none_86425f0082618114\f\termsrv.dll
[2020/08/08 09:18:41 | 000,000,410 | ---- | M] () MD5=7313AF8EB734CBCDAB4387A6315C8706 -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.84_none_86425f0082618114\f\termsrv.dll
[2020/08/08 09:18:45 | 001,120,256 | ---- | M] (Microsoft Corporation) MD5=780512970B44C32A56044AEFF90BF838 -- C:\WINDOWS\SysNative\termsrv.dll
[2020/08/08 09:18:45 | 001,120,256 | ---- | M] (Microsoft Corporation) MD5=780512970B44C32A56044AEFF90BF838 -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.84_none_86425f0082618114\termsrv.dll
[2021/02/20 18:13:48 | 001,128,960 | ---- | M] (Microsoft Corporation) MD5=C70952D3C31A6B05889C3E37A8C22CA4 -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.789_none_6c704dc2b33117f0\termsrv.dll
[2021/01/31 14:40:14 | 000,013,619 | ---- | M] () MD5=E86D726C205968DDD2053CF368B9D54E -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.19041.789_none_6c704dc2b33117f0\f\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2019/12/07 10:09:26 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=05D02F412A916B7322AB94E5D8EA9767 -- C:\Windows\SysWOW64\userinit.exe
[2019/12/07 10:09:26 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=05D02F412A916B7322AB94E5D8EA9767 -- C:\Windows\WinSxS\wow64_microsoft-windows-userinit_31bf3856ad364e35_10.0.19041.1_none_9c6e71eba56e4081\userinit.exe
[2019/12/07 10:08:49 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=582A919CA5F944AA83895A5C633C122C -- C:\WINDOWS\SysNative\userinit.exe
[2019/12/07 10:08:49 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=582A919CA5F944AA83895A5C633C122C -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_10.0.19041.1_none_9219c799710d7e86\userinit.exe

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2020/10/31 21:50:08 | 005,057,024 | ---- | M] (Microsoft Corporation) MD5=02575AF42913ADC86345684381AAC23A -- C:\WINDOWS\SysNative\wininet.dll
[2020/10/31 21:50:08 | 005,057,024 | ---- | M] (Microsoft Corporation) MD5=02575AF42913ADC86345684381AAC23A -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_239a4e712a16f446\wininet.dll
[2021/02/20 18:12:30 | 004,523,520 | ---- | M] (Microsoft Corporation) MD5=0DA093EED757FD5DF95282A1F35761D5 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.746_none_2deefc8f5e77b08f\wininet.dll
[2021/01/31 14:42:58 | 000,040,608 | ---- | M] () MD5=19CDD91E51D69DE6F88858C3E9B295A9 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.746_none_2deefc8f5e77b08f\f\wininet.dll
[2020/10/31 21:50:34 | 004,523,008 | ---- | M] (Microsoft Corporation) MD5=22E58D59A26FFAA16E660BBB9381B181 -- C:\Windows\SysWOW64\wininet.dll
[2020/10/31 21:50:34 | 004,523,008 | ---- | M] (Microsoft Corporation) MD5=22E58D59A26FFAA16E660BBB9381B181 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_2deef8c35e77b641\wininet.dll
[2020/10/08 17:39:24 | 000,041,841 | ---- | M] () MD5=7E915F8A0D827205DDEE6C2D32F849E2 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_2deef8c35e77b641\r\wininet.dll
[2020/10/31 21:50:33 | 000,041,841 | ---- | M] () MD5=7E915F8A0D827205DDEE6C2D32F849E2 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_2deef8c35e77b641\r\wininet.dll
[2021/01/31 14:41:52 | 000,042,362 | ---- | M] () MD5=93A653A7387608F4624E8027D72F3888 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.746_none_239a523d2a16ee94\r\wininet.dll
[2021/01/31 14:41:46 | 000,040,885 | ---- | M] () MD5=A93DE374380D0A00FB3475885110777B -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.746_none_239a523d2a16ee94\f\wininet.dll
[2021/01/31 14:43:16 | 000,042,292 | ---- | M] () MD5=B450E02C0FE4479EC2225DB28C816056 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.746_none_2deefc8f5e77b08f\r\wininet.dll
[2021/02/20 18:10:06 | 005,057,024 | ---- | M] (Microsoft Corporation) MD5=B49A72E27931513822547EB517008780 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.746_none_239a523d2a16ee94\wininet.dll
[2020/10/08 17:39:20 | 000,039,836 | ---- | M] () MD5=DBE39308B4B32FAC1FA774AD1E46CF69 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_239a4e712a16f446\f\wininet.dll
[2020/10/31 21:50:04 | 000,039,836 | ---- | M] () MD5=DBE39308B4B32FAC1FA774AD1E46CF69 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_239a4e712a16f446\f\wininet.dll
[2020/10/08 17:39:08 | 000,040,021 | ---- | M] () MD5=E70F563A73C1096205D8F3CD26331FB9 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_2deef8c35e77b641\f\wininet.dll
[2020/10/31 21:50:33 | 000,040,021 | ---- | M] () MD5=E70F563A73C1096205D8F3CD26331FB9 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_2deef8c35e77b641\f\wininet.dll
[2020/10/08 17:39:30 | 000,041,447 | ---- | M] () MD5=FF6B54C21DE35EF7B56A4454AF212B9F -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_239a4e712a16f446\r\wininet.dll
[2020/10/31 21:50:04 | 000,041,447 | ---- | M] () MD5=FF6B54C21DE35EF7B56A4454AF212B9F -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.19041.546_none_239a4e712a16f446\r\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2020/10/08 17:39:14 | 000,011,973 | ---- | M] () MD5=09D2359A671FCE751915DD9CF2338BFC -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.546_none_0eebffcf631ff119\r\wininit.exe
[2020/10/31 21:49:59 | 000,011,973 | ---- | M] () MD5=09D2359A671FCE751915DD9CF2338BFC -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.546_none_0eebffcf631ff119\r\wininit.exe
[2021/01/31 14:39:16 | 000,011,945 | ---- | M] () MD5=5CF6786C66DAABBF9D28FA438DBFA3E7 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.662_none_0ed260b56333c0c6\r\wininit.exe
[2021/01/31 14:39:16 | 000,012,013 | ---- | M] () MD5=870C75F593F1701B3034CF2FDA7324CB -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.662_none_0ed260b56333c0c6\f\wininit.exe
[2021/02/20 18:09:32 | 000,419,432 | ---- | M] (Microsoft Corporation) MD5=9EF51C8AD595C5E2A123C06AD39FCCD7 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.662_none_0ed260b56333c0c6\wininit.exe
[2020/10/08 17:39:10 | 000,012,003 | ---- | M] () MD5=ADFFF8CB8E242FA3B7FB6C481A60C142 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.546_none_0eebffcf631ff119\f\wininit.exe
[2020/10/31 21:49:59 | 000,012,003 | ---- | M] () MD5=ADFFF8CB8E242FA3B7FB6C481A60C142 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.546_none_0eebffcf631ff119\f\wininit.exe
[2020/10/31 21:50:02 | 000,419,432 | ---- | M] (Microsoft Corporation) MD5=DB516676B9D40004985E6D25A74943D7 -- C:\WINDOWS\SysNative\wininit.exe
[2020/10/31 21:50:02 | 000,419,432 | ---- | M] (Microsoft Corporation) MD5=DB516676B9D40004985E6D25A74943D7 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.19041.546_none_0eebffcf631ff119\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2021/01/31 14:40:14 | 000,017,247 | ---- | M] () MD5=157112CCA71654ED455BBA980C65777F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.662_none_4da2a8fd33d49619\r\winlogon.exe
[2021/01/31 14:40:14 | 000,017,247 | ---- | M] () MD5=157112CCA71654ED455BBA980C65777F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.662_none_4da2a8fd33d49619\r\winlogon.exe
[2020/10/31 21:50:06 | 000,907,776 | ---- | M] (Microsoft Corporation) MD5=790D2A6C194038513919DA17C6B91549 -- C:\WINDOWS\SysNative\winlogon.exe
[2020/10/31 21:50:06 | 000,907,776 | ---- | M] (Microsoft Corporation) MD5=790D2A6C194038513919DA17C6B91549 -- C:\WINDOWS\SysNative\winlogon.exe
[2020/10/31 21:50:06 | 000,907,776 | ---- | M] (Microsoft Corporation) MD5=790D2A6C194038513919DA17C6B91549 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\winlogon.exe
[2020/10/31 21:50:06 | 000,907,776 | ---- | M] (Microsoft Corporation) MD5=790D2A6C194038513919DA17C6B91549 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\winlogon.exe
[2020/10/08 17:38:52 | 000,017,216 | ---- | M] () MD5=8A22A426D886D487396A551BF9B018EE -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\r\winlogon.exe
[2020/10/08 17:38:52 | 000,017,216 | ---- | M] () MD5=8A22A426D886D487396A551BF9B018EE -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\r\winlogon.exe
[2020/10/31 21:50:04 | 000,017,216 | ---- | M] () MD5=8A22A426D886D487396A551BF9B018EE -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\r\winlogon.exe
[2020/10/31 21:50:04 | 000,017,216 | ---- | M] () MD5=8A22A426D886D487396A551BF9B018EE -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\r\winlogon.exe
[2020/10/08 17:38:48 | 000,017,498 | ---- | M] () MD5=9E394D299916074BAC58BABB941201B0 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\f\winlogon.exe
[2020/10/08 17:38:48 | 000,017,498 | ---- | M] () MD5=9E394D299916074BAC58BABB941201B0 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\f\winlogon.exe
[2020/10/31 21:50:04 | 000,017,498 | ---- | M] () MD5=9E394D299916074BAC58BABB941201B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\f\winlogon.exe
[2020/10/31 21:50:04 | 000,017,498 | ---- | M] () MD5=9E394D299916074BAC58BABB941201B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.572_none_4d97d72b33dcb4e3\f\winlogon.exe
[2021/01/31 14:40:00 | 000,017,511 | ---- | M] () MD5=BE8700EB620F0330B8BB8DC648206D9A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.662_none_4da2a8fd33d49619\f\winlogon.exe
[2021/01/31 14:40:00 | 000,017,511 | ---- | M] () MD5=BE8700EB620F0330B8BB8DC648206D9A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.662_none_4da2a8fd33d49619\f\winlogon.exe
[2021/02/20 18:09:49 | 000,907,776 | ---- | M] (Microsoft Corporation) MD5=BF6EA00C7E364065320924D71D545113 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.662_none_4da2a8fd33d49619\winlogon.exe
[2021/02/20 18:09:49 | 000,907,776 | ---- | M] (Microsoft Corporation) MD5=BF6EA00C7E364065320924D71D545113 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.19041.662_none_4da2a8fd33d49619\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2020/10/08 17:39:00 | 000,002,898 | ---- | M] () MD5=01BA3D573157FE7A23B41F6E79A8B6D6 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_db05a21561861236\f\ws2_32.dll
[2021/01/31 14:43:40 | 000,002,898 | ---- | M] () MD5=01BA3D573157FE7A23B41F6E79A8B6D6 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_db05a21561861236\f\ws2_32.dll
[2020/10/31 21:50:13 | 000,002,898 | ---- | M] () MD5=01BA3D573157FE7A23B41F6E79A8B6D6 -- C:\Windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_db05a21561861236\f\ws2_32.dll
[2020/10/31 21:50:06 | 000,427,200 | ---- | M] (Microsoft Corporation) MD5=6EED88C1206032A2797ABF131C6242CF -- C:\WINDOWS\SysNative\ws2_32.dll
[2020/10/31 21:50:06 | 000,427,200 | ---- | M] (Microsoft Corporation) MD5=6EED88C1206032A2797ABF131C6242CF -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_d0b0f7c32d25503b\ws2_32.dll
[2020/10/31 21:50:17 | 000,397,728 | ---- | M] (Microsoft Corporation) MD5=8D7DB101A7211FE3309DC4DC8CF2DD0A -- C:\Windows\SysWOW64\ws2_32.dll
[2020/10/31 21:50:17 | 000,397,728 | ---- | M] (Microsoft Corporation) MD5=8D7DB101A7211FE3309DC4DC8CF2DD0A -- C:\Windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_db05a21561861236\ws2_32.dll
[2020/10/08 17:39:02 | 000,002,883 | ---- | M] () MD5=94E41165BEA584DC36547BCE51FA1547 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_db05a21561861236\r\ws2_32.dll
[2021/01/31 14:43:42 | 000,002,883 | ---- | M] () MD5=94E41165BEA584DC36547BCE51FA1547 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_db05a21561861236\r\ws2_32.dll
[2020/10/31 21:50:13 | 000,002,883 | ---- | M] () MD5=94E41165BEA584DC36547BCE51FA1547 -- C:\Windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_db05a21561861236\r\ws2_32.dll
[2020/10/08 17:36:06 | 000,007,215 | ---- | M] () MD5=CFB1808A9F334FB5398537372725A6C5 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_d0b0f7c32d25503b\f\ws2_32.dll
[2021/01/31 14:39:54 | 000,007,215 | ---- | M] () MD5=CFB1808A9F334FB5398537372725A6C5 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_d0b0f7c32d25503b\f\ws2_32.dll
[2020/10/31 21:50:04 | 000,007,215 | ---- | M] () MD5=CFB1808A9F334FB5398537372725A6C5 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_d0b0f7c32d25503b\f\ws2_32.dll
[2020/10/08 17:36:06 | 000,006,817 | ---- | M] () MD5=ED1B5913E028B3427067F632CEBF8AA3 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.572.1.8\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_d0b0f7c32d25503b\r\ws2_32.dll
[2021/01/31 14:39:54 | 000,006,817 | ---- | M] () MD5=ED1B5913E028B3427067F632CEBF8AA3 -- C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.804.1.4\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_d0b0f7c32d25503b\r\ws2_32.dll
[2020/10/31 21:50:04 | 000,006,817 | ---- | M] () MD5=ED1B5913E028B3427067F632CEBF8AA3 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.19041.546_none_d0b0f7c32d25503b\r\ws2_32.dll

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2020/10/31 21:50:54 | 006,421,504 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ieframe.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\* .sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2020/10/31 21:50:02 | 000,021,312 | ---- | M] (Microsoft Corporation) -- c:\$recycle.bin\S-1-5-21-2006721426-3266113688-436611808-1001\BTFMCEEI.WAK
[2021/02/13 15:31:14 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-2006721426-3266113688-436611808-1001\desktop.ini

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:56E61E54

< End of report >

Publicité


Signaler le contenu de ce document

Publicité