OTL logfile created on: 05/01/2017 20:11:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\eliec\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 7,87 Gb Total Physical Memory | 4,51 Gb Available Physical Memory | 57,24% Memory free 10,25 Gb Paging File | 6,40 Gb Available in Paging File | 62,45% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 118,48 Gb Total Space | 19,64 Gb Free Space | 16,57% Space Free | Partition Type: NTFS Drive D: | 931,51 Gb Total Space | 897,98 Gb Free Space | 96,40% Space Free | Partition Type: NTFS Drive J: | 4,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: DESKTOP-OS06693 | User Name: eliec | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - File not found PRC - C:\Users\eliec\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Users\eliec\AppData\Roaming\dgjdg\UvConverter.exe () PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Windows\SysWOW64\NetUtils2016.exe () PRC - C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\amuleC1\ed2k.exe (http://www.amule.org/) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Users\eliec\AppData\Local\Pushbullet\bin\pushbullet_client.exe (Pushbullet Inc) PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe () PRC - C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Node.js) PRC - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated) PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Ditto\Ditto.exe () PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) PRC - C:\Users\eliec\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (Intel(R) Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\Pushbullet\pushbullet.exe (Pushbullet inc) PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) PRC - C:\Program Files\Conexant\SAII\SmartAudio.exe (Conexant Systems, Inc) PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe () PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) PRC - C:\Users\eliec\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC) PRC - C:\Windows\SysWOW64\SASrv.exe (Conexant Systems, Inc.) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Program Files\AVAST Software\Avast\libcef.dll () MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll () MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll () MOD - C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll () MOD - C:\Program Files (x86)\Steam\video.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll () MOD - C:\Program Files (x86)\Steam\Steam.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\31891cda2f40006af1f149bf856c17ca\System.Web.ni.dll () MOD - C:\Windows\SysWOW64\CoreUIComponents.dll () MOD - C:\Program Files (x86)\Steam\SDL2.dll () MOD - C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c02fbf560e52a1aab432a90d4c613af4\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\2ef166b11d9cb6ee0c0a80cfd0189a4b\Interop.CxHDAudioAPILib.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\02386c57c46556747a75089068a31af0\Microsoft.VisualBasic.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\272d1cf3a7cbd4cd648a2ff2d7a8889a\System.Runtime.Remoting.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SmartAudio\38be2c0654d39e84cb6038bfca2a0325\SmartAudio.ni.exe () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Deployment\6e744d22c36b8ae6f67f5a2d79025ede\System.Deployment.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\c2abcda8f96d67fa6ff5665fd21dddff\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\5237480aedaa4904c6fd85dae99af471\System.Numerics.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75ed56cf95fe6228472b5e57ac7a76b7\UIAutomationTypes.ni.dll () MOD - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll () MOD - \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanMessage5.dll () MOD - \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanControl.dll () MOD - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll () MOD - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe () MOD - \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node () MOD - \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node () MOD - \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node () MOD - \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node () MOD - \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node () MOD - C:\Program Files (x86)\Steam\v8.dll () MOD - C:\Program Files (x86)\Steam\icui18n.dll () MOD - C:\Program Files (x86)\Steam\icuuc.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\40571abae9422cd2ca6fafbbde1c3cdc\mscorlib.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\08da6b6698b412866e6910ae9b84f363\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\f6ebd52be27fe627fed0d185c6a9c0d5\System.Core.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\7532301b00fac8def2f526ca8b480e11\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\5751e969e4789e60d3ad463cb6024006\WindowsBase.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04c4f83e0b62ff553abff98943e45f42\System.Xaml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\aa9c29b70b4cceab890eb841f89d73e9\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5272cb4aeec65bec2fffb45e9cb22910\PresentationFramework.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\051a282e157a228405b2e0d867c3ce1d\PresentationCore.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\def8702c6e883330fb8cb8e3f5c5e665\PresentationFramework.Aero2.ni.dll () MOD - C:\Program Files (x86)\Steam\openvr_api.dll () MOD - C:\Program Files (x86)\Ditto\Ditto.exe () MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll () MOD - C:\Program Files (x86)\Steam\libavcodec-56.dll () MOD - C:\Program Files (x86)\Steam\libavformat-56.dll () MOD - C:\Program Files (x86)\Steam\libswscale-3.dll () MOD - C:\Program Files (x86)\Steam\libavutil-54.dll () MOD - C:\Program Files (x86)\Steam\libavresample-2.dll () MOD - C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll () MOD - C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll () MOD - C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll () MOD - C:\Program Files (x86)\Steam\winh264.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll () [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - (mccspsvc) -- C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe File not found SRV:[b]64bit:[/b] - (InstallerService) -- C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe File not found SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:[b]64bit:[/b] - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe (McAfee, Inc.) SRV:[b]64bit:[/b] - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Disc Soft Lite Bus Service) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd) SRV:[b]64bit:[/b] - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (cplspcon) -- C:\Windows\SysNative\IntelCpHDCPSvc.exe (Intel Corporation) SRV:[b]64bit:[/b] - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation) SRV:[b]64bit:[/b] - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (WpnUserService_103d5f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (UserDataSvc_103d5f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (UnistoreSvc_103d5f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (PimIndexMaintenanceSvc_103d5f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (OneSyncSvc_103d5f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (MessagingService_103d5f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (CDPUserSvc_103d5f) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (ibtsiva) -- C:\WINDOWS\SysNative\ibtsiva.exe (Intel Corporation) SRV:[b]64bit:[/b] - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV:[b]64bit:[/b] - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:[b]64bit:[/b] - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) SRV:[b]64bit:[/b] - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) SRV:[b]64bit:[/b] - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.) SRV - (GubedZL) -- C:\Program Files (x86)\Gubed\GubedZL.dll () SRV - (Convxxxx) -- C:\Users\eliec\AppData\Roaming\dgjdg\UvConverter.exe () SRV - (hynisoky) -- C:\Program Files (x86)\7c1dd0bc-fc85-435e-bf31-9e6173024dc31483447787\kns20CE.tmp () SRV - (NetUtils2016srv) -- C:\Windows\SysWOW64\NetUtils2016.exe () SRV - (Bumadom) -- C:\Program Files (x86)\Gerlert\hppLauncher.dll () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (ed2kidle) -- C:\Program Files (x86)\amuleC1\ed2k.exe (http://www.amule.org/) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios) SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation) SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation) SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AdobeUpdateService) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems Incorporated) SRV - (AGSService) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation) SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) SRV - (ROGGamingCenterService) -- C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe (ASUSTeK COMPUTER INC.) SRV - (XTU3SERVICE) -- C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (Intel(R) Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (esifsvc) -- C:\Windows\SysWOW64\esif_uf.exe (Intel Corporation) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.) SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel Corporation) SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) SRV - (isaHelperSvc) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe () SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) SRV - (SAService) -- C:\Windows\SysWOW64\SASrv.exe (Conexant Systems, Inc.) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - (aswHdsKe) -- C:\Windows\SysNative\drivers\aswHdsKe.sys (AVAST Software) DRV:[b]64bit:[/b] - (TrueSight) -- C:\Windows\SysNative\drivers\TrueSight.sys () DRV:[b]64bit:[/b] - (aswVmm) -- C:\WINDOWS\SysNative\drivers\aswvmm.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswRvrt) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software) DRV:[b]64bit:[/b] - (NetUtils2016) -- C:\Windows\SysNative\drivers\NetUtils2016.sys () DRV:[b]64bit:[/b] - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:[b]64bit:[/b] - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (dtliteusbbus) -- C:\Windows\SysNative\drivers\dtliteusbbus.sys (Disc Soft Ltd) DRV:[b]64bit:[/b] - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd) DRV:[b]64bit:[/b] - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys (NVIDIA Corporation) DRV:[b]64bit:[/b] - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys () DRV:[b]64bit:[/b] - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation) DRV:[b]64bit:[/b] - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation) DRV:[b]64bit:[/b] - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation) DRV:[b]64bit:[/b] - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation) DRV:[b]64bit:[/b] - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation) DRV:[b]64bit:[/b] - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications) DRV:[b]64bit:[/b] - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra) DRV:[b]64bit:[/b] - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox) DRV:[b]64bit:[/b] - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation) DRV:[b]64bit:[/b] - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox) DRV:[b]64bit:[/b] - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications) DRV:[b]64bit:[/b] - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation) DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:[b]64bit:[/b] - (scmdisk0101) -- C:\Windows\SysNative\drivers\scmdisk0101.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox) DRV:[b]64bit:[/b] - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI) DRV:[b]64bit:[/b] - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation) DRV:[b]64bit:[/b] - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation) DRV:[b]64bit:[/b] - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox) DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:[b]64bit:[/b] - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:[b]64bit:[/b] - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox) DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.) DRV:[b]64bit:[/b] - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider) DRV:[b]64bit:[/b] - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows (R) Win 7 DDK provider) DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation) DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation) DRV:[b]64bit:[/b] - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation) DRV:[b]64bit:[/b] - (Netwtw04) -- C:\Windows\SysNative\drivers\Netwtw04.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation) DRV:[b]64bit:[/b] - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation) DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:[b]64bit:[/b] - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64-6.sys (Cisco Systems, Inc.) DRV:[b]64bit:[/b] - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.) DRV:[b]64bit:[/b] - (AsusSGDrv) -- C:\Windows\SysNative\drivers\AsusSGDrv.sys (ASUS Corporation) DRV:[b]64bit:[/b] - (ICCWDT) -- C:\Windows\SysNative\drivers\ICCWDT.sys (Intel Corporation) DRV:[b]64bit:[/b] - (HIDSwitch) -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys (ASUS) DRV:[b]64bit:[/b] - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek ) DRV:[b]64bit:[/b] - (esif_lf) -- C:\Windows\SysNative\drivers\esif_lf.sys (Intel Corporation) DRV:[b]64bit:[/b] - (dptf_acpi) -- C:\Windows\SysNative\drivers\dptf_acpi.sys (Intel Corporation) DRV:[b]64bit:[/b] - (dptf_cpu) -- C:\Windows\SysNative\drivers\dptf_cpu.sys (Intel Corporation) DRV:[b]64bit:[/b] - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation) DRV:[b]64bit:[/b] - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation) DRV:[b]64bit:[/b] - (RTSPER) -- C:\Windows\SysNative\drivers\RtsPer.sys (Realsil Semiconductor Corporation) DRV:[b]64bit:[/b] - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.) DRV:[b]64bit:[/b] - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation) DRV:[b]64bit:[/b] - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.) DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys (NVIDIA Corporation) DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation) DRV - (iocbios2) -- C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys (Intel Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUSTek Computer Inc.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/?type=hp&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.amisites.com/search/?type=ds&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.amisites.com/search/?type=ds&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.amisites.com/?type=hp&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.amisites.com/search/?type=ds&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/?type=hp&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.amisites.com/search/?type=ds&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.amisites.com/search/?type=ds&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.amisites.com/?type=hp&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.amisites.com/search/?type=ds&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX&q={searchTerms} IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?bcutc=sp-006&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/?type=hp&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006 IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-006&q={searchTerms} IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.amisites.com/?type=hp&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=3381EA80-CC68-4569-8DEC-6ED8E77A8982&SearchSource=58&CUI=&UM=8&UP=SPC909112A-1B2F-43B7-BA40-A59B977B56BC&D=091616&q={searchTerms}&SSPV= IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?pc=COSP&ptag=D121616-A855B9C56E1&form=CONBDF&conlogo=CT3335450&q={searchTerms} IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.amisites.com/search/?type=ds&ts=1483635350&z=5c5ded11297901f9dcc1b4ag1z7bbc0qfcbwecfzeo&from=che0812&uid=HGSTXHTS721010A9E630_JR10004M1AB31E1AB31EX&q={searchTerms} IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?bcutc=sp-006&q={searchTerms} IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..\SearchScopes\{EBDFAFED-F38C-4AFB-849D-6C7B5DB16BBD}: "URL" = http://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H13zftpbl0cshmoBU,3d5df80f-1793-4c24-b003-6e897b4cf22d, IE - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "FR" FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaultthis.engineName: "Google" FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search?bcutc=sp-006" FF - prefs.js..browser.search.order.1: "Google" FF - prefs.js..browser.search.region: "FR" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl" FF - prefs.js..extensions.enabledAddons: firefox%40online-convert.com:1.4.1-signed.1-signed FF - prefs.js..extensions.enabledAddons: tabletools2%40mingyi.org:1.17.1-signed.1-signed FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0 FF - prefs.js..keyword.URL: "https://www.google.com/search?bcutc=sp-006" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2017/01/03 21:40:34 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2017/01/03 21:40:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017/01/03 21:40:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2017/01/03 21:40:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/09/04 06:54:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\Extensions [2016/12/01 21:23:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\browser-extension-data [2016/10/24 13:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\browser-extension-data\firefox@ghostery.com [2016/12/01 21:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\browser-extension-data\particle@particlecore.github.io [2016/12/01 21:23:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\browser-extension-data\stefanvandamme@stefanvd.net [2017/01/05 20:13:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\extension-data [2017/01/04 00:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\extensions [2016/11/24 11:15:23 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016/12/01 21:31:48 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="tabletools2@mingyi.org" em:unpack="true" em:type="2" em:name="TableTools2" em:version="1.17.1-signed.1-signed" em:creator="Mingyi Liu" em:description="Sort, search, filter, chart, summarize, copy, rearrange, combine and compare HTML tables" em:homepageURL="http://www.mingyi.org" em:iconURL="chrome://tabletools2/skin/ttool_small.png" em:optionsURL="chrome://tabletools2/content/tabletoolsOptions.xul" em:aboutURL="chrome://tabletools2/content/about.xul" em:contributor="TT2 Charting function uses the canvasXpress package by Isaac Neuhaus">) -- C:\Users\eliec\AppData\Roaming\mozilla\Firefox\Profiles\6e1xcqw7.default-1476025904911\extensions\tabletools2@mingyi.org [2016/11/30 16:44:36 | 001,405,642 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\firefox@ghostery.com.xpi [2017/01/04 00:15:53 | 005,212,118 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\firefox@mega.co.nz.xpi [2016/10/23 19:23:24 | 000,018,785 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\firefox@online-convert.com.xpi [2016/12/06 18:52:24 | 000,079,454 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\particle@particlecore.github.io.xpi [2016/12/01 21:23:26 | 001,361,892 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\stefanvandamme@stefanvd.net.xpi [2016/12/01 21:17:06 | 000,466,477 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\thefoxonlybetter@quicksaver.xpi [2016/12/19 15:39:56 | 001,558,801 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\uBlock0@raymondhill.net.xpi [2016/12/01 21:37:23 | 000,029,049 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\{0e3fc079-afbb-4a00-87e5-9486062d0f9c}.xpi [2016/11/25 08:43:11 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016/12/01 21:26:51 | 000,067,840 | ---- | M] () (No name found) -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}.xpi [2017/01/04 00:00:05 | 000,002,426 | ---- | M] () -- C:\Users\eliec\AppData\Roaming\mozilla\firefox\profiles\6e1xcqw7.default-1476025904911\searchplugins\google-avast.xml [2017/01/04 00:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.163_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa\1.5_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\eliec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\ O1 HOSTS File: ([2017/01/03 21:10:49 | 000,003,782 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 down.baidu2016.com O1 - Hosts: 127.0.0.1 123.sogou.com O1 - Hosts: 127.0.0.1 www.czzsyzgm.com O1 - Hosts: 127.0.0.1 www.czzsyzxl.com O1 - Hosts: 127.0.0.1 union.baidu2019.com O1 - Hosts: 127.0.0.1 down.baidu2016.com O1 - Hosts: 127.0.0.1 123.sogou.com O1 - Hosts: 127.0.0.1 www.czzsyzgm.com O1 - Hosts: 127.0.0.1 www.czzsyzxl.com O1 - Hosts: 127.0.0.1 union.baidu2019.com O1 - Hosts: 34.195.153.94 www.google-analytics.com O1 - Hosts: 34.195.153.94 google-analytics.com O1 - Hosts: 34.195.153.94 mc.yandex.ru O1 - Hosts: 34.195.153.94 top-fwz1.mail.ru O1 - Hosts: 34.195.153.94 site.yandex.net O1 - Hosts: 34.195.153.94 pagead2.googlesyndication.com O1 - Hosts: 34.195.153.94 ad.mail.ru O1 - Hosts: 34.195.153.94 ads.adfox.ru O1 - Hosts: 34.195.153.94 ads.pubmatic.com O1 - Hosts: 34.195.153.94 apis.google.com O1 - Hosts: 34.195.153.94 autocontext.begun.ru O1 - Hosts: 34.195.153.94 b.scorecardresearch.com O1 - Hosts: 34.195.153.94 c.amazon-adsystem.com O1 - Hosts: 34.195.153.94 cdn.admixer.net O1 - Hosts: 34.195.153.94 cdn.cxense.com O1 - Hosts: 61 more lines... O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [DiskPower] "C:\Program Files (x86)\DPower\DiskPower.exe" File not found O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [BingSvc] C:\Users\eliec\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation) O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd) O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe () O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [f.lux] C:\Users\eliec\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC) O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [JH1S2KAI3R] "C:\Program Files (x86)\DPower\1WCW6E4P87.exe" File not found O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [OneDrive] C:\Users\eliec\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [Pushbullet] C:\Program Files (x86)\Pushbullet\pushbullet.exe (Pushbullet inc) O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize File not found O4 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001..\Run: [ZX5S0P82SY] "C:\Program Files\WLIN0X7415\9AP28WD50.exe" File not found O4 - Startup: C:\Users\eliec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk = C:\Program Files\ShareX\ShareX.exe (ShareX Team) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\WINDOWS\SysNative\LavasoftTcpService64.dll (Lavasoft Limited) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\WINDOWS\SysNative\LavasoftTcpService64.dll (Lavasoft Limited) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\WINDOWS\SysNative\LavasoftTcpService64.dll (Lavasoft Limited) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\WINDOWS\SysNative\LavasoftTcpService64.dll (Lavasoft Limited) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\WINDOWS\SysNative\LavasoftTcpService64.dll (Lavasoft Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SysWow64\LavasoftTcpService.dll (Lavasoft Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SysWow64\LavasoftTcpService.dll (Lavasoft Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SysWow64\LavasoftTcpService.dll (Lavasoft Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SysWow64\LavasoftTcpService.dll (Lavasoft Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SysWow64\LavasoftTcpService.dll (Lavasoft Limited) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\.DEFAULT\..Trusted Domains: localhost ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: webcompanion.com ([]http in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: localhost ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: webcompanion.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..Trusted Domains: localhost ([]* in Trusted sites) O15 - HKU\S-1-5-21-3984629988-1704772356-3699888385-1001\..Trusted Domains: webcompanion.com ([]http in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30398a15-f800-40dd-9be6-e25571ebf3c4}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30398a15-f800-40dd-9be6-e25571ebf3c4}: NameServer = 104.197.191.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61fe2300-3f67-4ea5-a229-3d7dfc7feb8e}: NameServer = 104.197.191.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74642ee3-8dab-4201-be21-2f7637214142}: NameServer = 104.197.191.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{766aa592-3e96-4633-bfe7-6d090e78c0d6}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{766aa592-3e96-4633-bfe7-6d090e78c0d6}: NameServer = 104.197.191.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{770f9982-86d5-11e6-8ef1-806e6f6e6963}: NameServer = 104.197.191.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{aadf70d4-3bde-474a-ad6a-05cefbe9570b}: NameServer = 104.197.191.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{bda5865c-0be8-4e58-917e-ecb54462f85c}: DhcpNameServer = 209.222.18.222 209.222.18.218 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{bda5865c-0be8-4e58-917e-ecb54462f85c}: NameServer = 104.197.191.4 O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\osf.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\osf-roaming.16 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {04DCAF38-CB67-11E6-974B-64006A5CFC23} - C:\Users\eliec\AppData\Roaming\Steaward\Thojuent.dll File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2016/10/20 21:40:15 | 000,000,043 | R--- | M] () - J:\autorun.inf -- [ UDF ] O33 - MountPoints2\{41b76941-9a8b-11e6-894a-708bcd059a16}\Shell - "" = AutoRun O33 - MountPoints2\{41b76941-9a8b-11e6-894a-708bcd059a16}\Shell\AutoRun\command - "" = J:\setup.exe -- [2016/10/20 21:40:20 | 006,810,648 | R--- | M] ( ) O33 - MountPoints2\{7bc1b77e-9126-11e6-8944-708bcd059a16}\Shell - "" = AutoRun O33 - MountPoints2\{7bc1b77e-9126-11e6-8944-708bcd059a16}\Shell\AutoRun\command - "" = "I:\setup.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2017/01/05 19:12:50 | 000,082,936 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHdsKe.sys [2017/01/05 17:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UvConverter [2017/01/05 17:55:47 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\dgjdg [2017/01/05 17:55:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\amuleC1 [2017/01/05 17:55:46 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC [2017/01/05 17:55:46 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\aMule [2017/01/05 12:15:42 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigndc16bef882216f49 [2017/01/05 11:29:06 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp [2017/01/04 18:16:43 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign9615b37f1ff9c9d5 [2017/01/04 18:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinArcher [2017/01/04 18:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WinSAPSvc [2017/01/04 18:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gubed [2017/01/04 17:50:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\akvc8ial [2017/01/04 09:37:19 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign91b396e73f2be1cf [2017/01/04 00:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2017/01/04 00:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2017/01/03 22:32:48 | 000,037,144 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys [2017/01/03 21:40:43 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\AVAST Software [2017/01/03 21:40:38 | 000,969,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys [2017/01/03 21:40:38 | 000,513,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys [2017/01/03 21:40:38 | 000,293,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswvmm.sys [2017/01/03 21:40:38 | 000,163,416 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys [2017/01/03 21:40:38 | 000,108,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2017/01/03 21:40:38 | 000,103,064 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2017/01/03 21:40:38 | 000,074,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2017/01/03 21:40:38 | 000,037,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys [2017/01/03 21:40:35 | 000,391,496 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017/01/03 21:40:32 | 000,053,208 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2017/01/03 21:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2017/01/03 21:10:53 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\2442BD15-1483477853-8143-AE8C-5D72F2685F68 [2017/01/03 21:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\WLIN0X7415 [2017/01/03 20:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller [2017/01/03 20:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\RogueKiller [2017/01/03 20:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller [2017/01/03 20:30:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sstmp [2017/01/03 20:30:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sstmp [2017/01/03 20:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\PP208TO4NX [2017/01/03 19:59:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ede [2017/01/03 19:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2017/01/03 19:09:08 | 000,000,000 | ---D | C] -- C:\uninst [2017/01/03 19:09:02 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempfolder [2017/01/03 19:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\JiddUn [2017/01/03 19:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\Jidd [2017/01/03 19:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\AZ87AA54O1 [2017/01/03 19:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScreenShared [2017/01/03 13:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\4UPQGSBUS4 [2017/01/03 13:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anuzuther Core [2017/01/03 13:50:12 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Moqerpyprijck [2017/01/03 13:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gerlert [2017/01/03 13:49:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7c1dd0bc-fc85-435e-bf31-9e6173024dc31483447787 [2017/01/03 13:49:27 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\Steaward [2017/01/03 13:48:17 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\Profiles [2017/01/03 13:48:17 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Neqertionthitile [2017/01/03 13:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thehward [2017/01/03 13:48:06 | 000,000,000 | ---D | C] -- C:\Microsoft [2017/01/03 13:48:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SSL [2017/01/03 13:17:45 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc [2017/01/03 13:17:45 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\discord [2017/01/03 13:17:39 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Discord [2017/01/03 13:15:14 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign3e96529ba6b6548d [2017/01/03 10:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2017/01/03 10:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2017/01/03 10:21:35 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Google [2017/01/03 10:07:53 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign43b451e0bcad8079 [2017/01/03 08:56:59 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign4807bfe984327e02 [2017/01/03 08:54:40 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign34b1a790d0a80615 [2017/01/03 08:49:59 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign721953bec1b7a55b [2017/01/02 21:29:31 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign760675cb09bd7812 [2016/12/27 11:21:59 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign7f32bc5ef8c962cc [2016/12/26 18:38:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2016/12/25 18:49:40 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign211e8a8338989022 [2016/12/24 13:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2016/12/24 12:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2016/12/23 13:17:56 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign4bc10f2d52045113 [2016/12/22 16:11:15 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigne804bd9ce8811248 [2016/12/22 15:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [2016/12/22 15:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith [2016/12/22 15:27:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2016/12/22 13:31:08 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignd05d2e4267aa0ced [2016/12/22 12:09:37 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign1715ef4ae0e41215 [2016/12/22 12:07:45 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignec2ede287712e8f0 [2016/12/22 12:07:30 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign724340b5af991e54 [2016/12/22 12:06:12 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignb440ed955f3dfc9c [2016/12/22 11:54:38 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign5beaab109b2de303 [2016/12/21 21:20:26 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign752b25b408dce527 [2016/12/21 21:06:36 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign74a4284b65bbf152 [2016/12/21 14:52:19 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignb2c00766a5714d8a [2016/12/21 14:52:15 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign71dae57d83bf0c8f [2016/12/19 21:52:07 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignd6bb3f17a96e7e6f [2016/12/19 21:41:00 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign7cc6ae6c34218c04 [2016/12/19 15:49:12 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignb5e82aede507a9f4 [2016/12/19 13:26:13 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigna67c35394f339d94 [2016/12/17 14:12:57 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign467b9869d5e75d1e [2016/12/16 11:30:02 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Lavasoft [2016/12/16 11:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft [2016/12/16 11:29:57 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\Lavasoft [2016/12/16 11:29:54 | 000,425,744 | ---- | C] (Lavasoft Limited) -- C:\WINDOWS\SysNative\LavasoftTcpService64.dll [2016/12/16 11:29:54 | 000,345,360 | ---- | C] (Lavasoft Limited) -- C:\WINDOWS\SysWow64\LavasoftTcpService.dll [2016/12/16 11:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2016/12/16 11:29:51 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Roaming\FileZilla [2016/12/16 11:29:51 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\FileZilla [2016/12/16 11:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2016/12/16 11:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client [2016/12/16 11:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2016/12/15 22:11:19 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigncde448d85d7c0b7a [2016/12/15 20:55:24 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign8def950f30658139 [2016/12/15 18:27:27 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigne110241af157eb0f [2016/12/15 18:17:45 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign4a48179fcbe24bc7 [2016/12/15 09:03:18 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign29539a29e9c3a5c4 [2016/12/15 09:03:12 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign74971694e577b75c [2016/12/15 08:15:33 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Chromium [2016/12/14 21:24:08 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign7f0f7e1dd612d3fc [2016/12/14 21:23:48 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign1152e381d382cce2 [2016/12/14 20:18:53 | 008,168,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll [2016/12/14 20:18:52 | 004,612,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2016/12/14 20:18:52 | 003,306,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2016/12/14 20:18:52 | 001,852,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll [2016/12/14 20:18:52 | 001,589,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll [2016/12/14 20:18:52 | 001,274,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll [2016/12/14 20:18:52 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll [2016/12/14 20:18:51 | 003,059,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2016/12/14 20:18:51 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll [2016/12/14 20:18:51 | 001,100,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2016/12/14 20:18:51 | 000,989,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2016/12/14 20:18:51 | 000,947,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi [2016/12/14 20:18:51 | 000,811,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe [2016/12/14 20:18:51 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll [2016/12/14 20:18:50 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll [2016/12/14 20:18:50 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll [2016/12/14 20:18:50 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll [2016/12/14 20:18:50 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll [2016/12/14 20:18:50 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll [2016/12/14 20:18:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll [2016/12/14 20:18:49 | 006,285,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2016/12/14 20:18:49 | 003,777,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2016/12/14 20:18:49 | 001,988,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll [2016/12/14 20:18:49 | 001,692,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll [2016/12/14 20:18:49 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll [2016/12/14 20:18:48 | 007,816,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2016/12/14 20:18:48 | 002,275,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2016/12/14 20:18:48 | 001,293,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll [2016/12/14 20:18:48 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll [2016/12/14 20:18:48 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll [2016/12/14 20:18:47 | 001,121,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll [2016/12/14 20:18:47 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll [2016/12/14 20:18:45 | 002,820,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll [2016/12/14 20:18:44 | 002,998,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys [2016/12/14 20:18:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll [2016/12/14 20:18:44 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll [2016/12/14 20:18:44 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll [2016/12/14 20:18:44 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys [2016/12/14 20:18:44 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll [2016/12/14 20:18:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll [2016/12/14 20:18:44 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll [2016/12/14 20:18:43 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2016/12/14 20:18:43 | 003,616,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2016/12/14 20:18:43 | 001,461,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll [2016/12/14 20:18:42 | 005,114,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll [2016/12/14 20:18:40 | 001,572,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll [2016/12/14 20:18:40 | 001,415,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll [2016/12/14 20:18:40 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll [2016/12/14 20:18:40 | 000,455,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe [2016/12/14 20:18:40 | 000,241,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll [2016/12/14 20:18:39 | 001,354,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2016/12/14 20:18:39 | 001,051,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2016/12/14 20:18:38 | 006,668,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll [2016/12/14 20:18:38 | 001,173,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2016/12/14 20:18:38 | 000,894,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe [2016/12/14 20:18:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll [2016/12/14 20:18:37 | 003,198,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll [2016/12/14 20:18:37 | 002,913,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll [2016/12/14 20:18:37 | 002,166,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll [2016/12/14 20:18:37 | 001,490,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2016/12/14 20:18:37 | 001,267,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll [2016/12/14 20:18:37 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll [2016/12/14 20:18:37 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll [2016/12/14 20:18:37 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll [2016/12/14 20:18:36 | 001,637,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll [2016/12/14 20:18:36 | 001,004,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll [2016/12/14 20:18:36 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll [2016/12/14 20:18:36 | 000,807,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll [2016/12/14 20:18:36 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll [2016/12/14 20:18:36 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll [2016/12/14 20:18:36 | 000,377,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys [2016/12/14 20:18:36 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll [2016/12/14 20:18:36 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll [2016/12/14 20:18:36 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe [2016/12/14 20:18:36 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll [2016/12/14 20:18:36 | 000,137,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll [2016/12/14 20:18:35 | 006,044,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2016/12/14 20:18:35 | 004,746,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2016/12/14 20:18:35 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll [2016/12/14 20:18:35 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2016/12/14 20:18:35 | 000,168,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll [2016/12/14 20:18:34 | 008,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2016/12/14 20:18:34 | 001,512,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2016/12/14 20:18:34 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2016/12/14 20:18:34 | 000,402,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2016/12/14 20:18:34 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll [2016/12/14 20:18:34 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll [2016/12/14 20:18:33 | 000,658,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys [2016/12/14 20:18:32 | 022,563,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2016/12/14 20:18:32 | 001,738,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll [2016/12/14 20:18:32 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll [2016/12/14 20:18:31 | 019,413,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2016/12/14 20:18:30 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll [2016/12/14 20:18:29 | 002,677,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll [2016/12/14 20:18:28 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll [2016/12/14 20:18:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll [2016/12/14 20:18:28 | 000,172,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll [2016/12/14 13:44:13 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign2bc8f5fa297e4160 [2016/12/14 13:34:38 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign2167b665997789df [2016/12/14 12:54:27 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignd4d88cfd4120ee6e [2016/12/14 09:26:30 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign9c26274324bde1a7 [2016/12/13 21:50:58 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign978de60819be7898 [2016/12/13 20:42:33 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign98c8b4a3190ef156 [2016/12/13 08:38:43 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign8962739052d51a95 [2016/12/13 08:35:18 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign10d12e925bde81aa [2016/12/12 09:59:53 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigna3164572ed948a48 [2016/12/12 08:33:36 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign448420d1f459e780 [2016/12/11 16:47:30 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignbf44db043b5c6b0e [2016/12/11 14:43:11 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign4f015fe59f42d040 [2016/12/11 01:16:11 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign26878774670435c8 [2016/12/10 20:04:37 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign097ada8ec037f261 [2016/12/10 10:54:09 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll [2016/12/10 10:54:09 | 001,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll [2016/12/10 10:54:09 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll [2016/12/10 10:54:09 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll [2016/12/10 10:54:09 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll [2016/12/10 10:54:09 | 000,603,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll [2016/12/10 10:54:09 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll [2016/12/10 10:54:09 | 000,534,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll [2016/12/10 10:54:09 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll [2016/12/10 10:54:09 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll [2016/12/10 10:54:09 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll [2016/12/10 10:54:09 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe [2016/12/10 10:54:09 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe [2016/12/10 10:54:09 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll [2016/12/10 10:54:08 | 001,886,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2016/12/10 10:54:08 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll [2016/12/10 10:54:08 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll [2016/12/10 10:54:08 | 000,590,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll [2016/12/10 10:54:07 | 017,188,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2016/12/10 10:54:07 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll [2016/12/10 10:54:07 | 001,859,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll [2016/12/10 10:54:05 | 003,892,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2016/12/10 10:54:05 | 003,370,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll [2016/12/10 10:54:05 | 001,123,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll [2016/12/10 10:54:05 | 000,952,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll [2016/12/10 10:54:05 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll [2016/12/10 10:54:05 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll [2016/12/10 10:54:05 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll [2016/12/10 10:54:04 | 002,277,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll [2016/12/10 10:54:04 | 001,992,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll [2016/12/10 10:54:04 | 001,357,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll [2016/12/10 10:54:04 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll [2016/12/10 10:54:04 | 000,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll [2016/12/10 10:54:04 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll [2016/12/10 10:54:04 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll [2016/12/10 10:54:04 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll [2016/12/10 10:54:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe [2016/12/10 10:54:03 | 006,109,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll [2016/12/10 10:54:02 | 005,380,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll [2016/12/10 10:54:02 | 004,423,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll [2016/12/10 10:54:02 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll [2016/12/10 10:54:02 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll [2016/12/10 10:54:01 | 000,418,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll [2016/12/10 10:54:01 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll [2016/12/10 10:54:00 | 002,362,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll [2016/12/10 10:54:00 | 002,109,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll [2016/12/10 10:54:00 | 001,755,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceFlows.DataModel.dll [2016/12/10 10:54:00 | 001,069,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll [2016/12/10 10:54:00 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll [2016/12/10 10:54:00 | 000,424,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll [2016/12/10 10:54:00 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll [2016/12/10 10:54:00 | 000,266,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll [2016/12/10 10:54:00 | 000,163,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTWorkQ.dll [2016/12/10 10:54:00 | 000,157,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe [2016/12/10 10:54:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll [2016/12/10 10:54:00 | 000,091,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfaudiocnv.dll [2016/12/10 10:54:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll [2016/12/10 10:53:59 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll [2016/12/10 10:53:59 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll [2016/12/10 10:53:59 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2016/12/10 10:53:59 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe [2016/12/10 10:53:59 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll [2016/12/10 10:53:58 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll [2016/12/10 10:53:58 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll [2016/12/10 10:53:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll [2016/12/10 10:53:58 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll [2016/12/10 10:53:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EAMProgressHandler.dll [2016/12/10 10:53:57 | 004,136,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll [2016/12/10 10:53:57 | 002,828,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll [2016/12/10 10:53:57 | 002,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll [2016/12/10 10:53:57 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcuiu.dll [2016/12/10 10:53:57 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll [2016/12/10 10:53:57 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EDPCleanup.exe [2016/12/10 10:53:57 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll [2016/12/10 10:53:57 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReportingCSP.dll [2016/12/10 10:53:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll [2016/12/10 10:53:56 | 002,482,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll [2016/12/10 10:53:56 | 002,186,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll [2016/12/10 10:53:56 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll [2016/12/10 10:53:55 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll [2016/12/10 10:53:55 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll [2016/12/10 10:53:55 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll [2016/12/10 10:53:55 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll [2016/12/10 10:53:55 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe [2016/12/10 10:53:55 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll [2016/12/10 10:53:55 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll [2016/12/10 10:53:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BcastDVRHelper.dll [2016/12/10 10:53:55 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll [2016/12/10 10:53:54 | 002,852,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll [2016/12/10 10:53:54 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll [2016/12/10 10:53:54 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceFlows.DataModel.dll [2016/12/10 10:53:54 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll [2016/12/10 10:53:54 | 000,382,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll [2016/12/10 10:53:54 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll [2016/12/10 10:53:54 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll [2016/12/10 10:53:54 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys [2016/12/10 10:53:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll [2016/12/10 10:53:53 | 003,542,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2016/12/10 10:53:53 | 000,637,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2016/12/10 10:53:53 | 000,360,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe [2016/12/10 10:53:52 | 001,336,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll [2016/12/10 10:53:52 | 000,454,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe [2016/12/10 10:53:52 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll [2016/12/10 10:53:52 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll [2016/12/10 10:53:52 | 000,198,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll [2016/12/10 10:53:52 | 000,152,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTWorkQ.dll [2016/12/10 10:53:51 | 001,220,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl [2016/12/10 10:53:51 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll [2016/12/10 10:53:51 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll [2016/12/10 10:53:50 | 013,868,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2016/12/10 10:53:50 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll [2016/12/10 10:53:50 | 001,418,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll [2016/12/10 10:53:49 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll [2016/12/10 10:53:49 | 000,219,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys [2016/12/10 10:53:48 | 006,474,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe [2016/12/10 10:53:48 | 002,484,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll [2016/12/10 10:53:48 | 001,726,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll [2016/12/10 10:53:48 | 001,556,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll [2016/12/10 10:53:48 | 000,960,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll [2016/12/10 10:53:48 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll [2016/12/10 10:53:48 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll [2016/12/10 10:53:48 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll [2016/12/10 10:53:48 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe [2016/12/10 10:53:47 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2016/12/10 10:53:47 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll [2016/12/10 10:53:47 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll [2016/12/10 10:53:47 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpsvc.dll [2016/12/10 10:53:47 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll [2016/12/10 10:53:46 | 004,311,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe [2016/12/10 10:53:46 | 001,600,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2016/12/10 10:53:46 | 001,366,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll [2016/12/10 10:53:46 | 000,882,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeManagerObj.dll [2016/12/10 10:53:46 | 000,743,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll [2016/12/10 10:53:46 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeHelper.dll [2016/12/10 10:53:46 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll [2016/12/10 10:53:45 | 002,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll [2016/12/10 10:53:45 | 001,477,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll [2016/12/10 10:53:45 | 000,869,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll [2016/12/10 10:53:45 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe [2016/12/10 10:53:45 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll [2016/12/10 10:53:45 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll [2016/12/10 10:53:45 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll [2016/12/10 10:53:44 | 001,002,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll [2016/12/10 10:53:44 | 000,746,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll [2016/12/10 10:53:44 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxclu.dll [2016/12/10 10:53:44 | 000,248,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll [2016/12/10 10:53:44 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sendmail.dll [2016/12/10 10:53:44 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceReactivation.dll [2016/12/10 10:53:44 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll [2016/12/10 10:53:44 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe [2016/12/10 10:53:43 | 001,473,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll [2016/12/10 10:53:43 | 001,062,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll [2016/12/10 10:53:43 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe [2016/12/10 10:53:43 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll [2016/12/10 10:53:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll [2016/12/10 10:53:42 | 004,130,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2016/12/10 10:53:42 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll [2016/12/10 10:53:42 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll [2016/12/10 10:53:42 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BcastDVRHelper.dll [2016/12/10 10:53:41 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2016/12/10 10:53:41 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll [2016/12/10 10:53:41 | 000,328,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll [2016/12/10 10:53:40 | 005,722,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll [2016/12/10 10:53:40 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll [2016/12/10 10:53:39 | 007,219,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll [2016/12/10 10:53:39 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll [2016/12/10 10:53:38 | 002,287,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll [2016/12/10 10:53:37 | 004,708,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll [2016/12/10 10:53:35 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll [2016/12/10 10:53:35 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll [2016/12/10 10:53:35 | 000,374,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll [2016/12/10 10:53:35 | 000,187,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe [2016/12/10 10:53:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialserver.dll [2016/12/10 10:53:35 | 000,142,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll [2016/12/10 10:53:35 | 000,126,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfaudiocnv.dll [2016/12/10 10:53:35 | 000,122,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll [2016/12/10 10:53:34 | 001,691,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe [2016/12/10 10:53:34 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll [2016/12/10 10:53:34 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcuiu.dll [2016/12/10 10:53:34 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe [2016/12/10 10:53:34 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll [2016/12/10 10:53:34 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe [2016/12/10 10:53:34 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll [2016/12/10 10:53:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll [2016/12/10 10:53:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvSysprep.dll [2016/12/10 10:53:34 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe [2016/12/10 10:53:33 | 001,430,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll [2016/12/10 10:53:29 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataSenseHandlers.dll [2016/12/10 10:53:29 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll [2016/12/10 10:53:28 | 006,664,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspaint.exe [2016/12/10 10:53:28 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll [2016/12/10 10:53:28 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll [2016/12/10 10:53:28 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll [2016/12/10 10:53:27 | 002,611,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll [2016/12/10 10:53:26 | 004,673,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2016/12/10 10:53:26 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll [2016/12/10 10:53:26 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll [2016/12/10 10:53:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe [2016/12/10 10:53:26 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe [2016/12/10 10:53:25 | 009,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2016/12/10 10:53:24 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll [2016/12/10 10:53:24 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll [2016/12/10 10:53:24 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll [2016/12/10 10:53:23 | 007,654,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll [2016/12/10 10:53:23 | 001,709,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll [2016/12/10 10:53:22 | 003,400,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll [2016/12/10 10:53:20 | 007,812,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll [2016/12/10 10:53:20 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll [2016/12/10 10:53:19 | 002,206,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll [2016/12/10 10:53:19 | 001,969,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll [2016/12/10 10:53:19 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll [2016/12/10 10:53:18 | 003,441,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll [2016/12/10 10:53:18 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll [2016/12/10 10:53:18 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll [2016/12/10 10:53:17 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll [2016/12/10 10:53:17 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2016/12/10 10:53:17 | 000,489,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll [2016/12/10 10:53:17 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll [2016/12/10 10:53:17 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll [2016/12/10 10:53:17 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2016/12/10 10:53:17 | 000,167,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll [2016/12/10 10:53:17 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll [2016/12/10 10:53:17 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sendmail.dll [2016/12/10 10:53:17 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupugc.exe [2016/12/10 10:53:17 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe [2016/12/10 10:53:17 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpoext.dll [2016/12/10 10:53:17 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll [2016/12/10 10:53:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll [2016/12/10 10:53:17 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe [2016/12/10 10:53:16 | 001,196,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl [2016/12/10 10:53:16 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll [2016/12/10 10:53:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetCfgNotifyObjectHost.exe [2016/12/10 10:53:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetCfgNotifyObjectHost.exe [2016/12/10 10:53:16 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CbtBackgroundManagerPolicy.dll [2016/12/09 18:22:49 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign3d75be0246cb3ceb [2016/12/09 14:19:34 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignb7b4c1d557893b9c [2016/12/09 09:35:37 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign906f8fc6b321f211 [2016/12/09 09:10:15 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigneace2ce45e0b3b20 [2016/12/09 08:51:17 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignd6c44a26141f8edb [2016/12/09 08:51:01 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign91dc0edb14f5bd1d [2016/12/09 08:12:33 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignbdc4c7a41761ba13 [2016/12/09 08:12:33 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign2e05713c8db069d3 [2016/12/08 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignd33d07a775dd9ac6 [2016/12/08 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignb35346212a8a0a7f [2016/12/08 11:32:07 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignd607b9dd4583cf0d [2016/12/08 11:32:07 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign616805c272482ef7 [2016/12/08 09:53:22 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigne2a17df1b95a3c23 [2016/12/08 09:53:22 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign719b8944c6c2f477 [2016/12/08 08:34:56 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignc7cd64f4632c0a12 [2016/12/08 08:34:56 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign3125faa950774bf8 [2016/12/08 08:09:32 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignfced1849e72c4191 [2016/12/08 08:09:30 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignf9677a7329b3a04d [2016/12/07 22:19:59 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsigne163fa17771dfb6d [2016/12/07 22:19:59 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign3979dba8e0f10e6b [2016/12/07 18:33:59 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign7268edc3f06903ea [2016/12/07 18:33:59 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign0c0800542ad6d623 [2016/12/07 17:25:45 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign48530457e5695429 [2016/12/07 17:25:45 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign09f336a5abc919c7 [2016/12/07 13:50:35 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign456235c460beb273 [2016/12/07 12:53:27 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign74b93c0e14a38a6f [2016/12/07 12:53:27 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign60d3ddf8cb79db96 [2016/12/07 08:14:17 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign75b6f45affd854b1 [2016/12/07 08:14:17 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign50a49d1e51e25cff [2016/12/06 23:29:55 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\MisterHorse [2016/12/06 23:29:39 | 000,000,000 | ---D | C] -- C:\Users\eliec\OneDrive\Documents\AnimationComposer_2.1.1_win [2016/12/06 20:52:25 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign81d4f5d29680d055 [2016/12/06 20:36:56 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsign6c9aa9dbb5d571fa [2016/12/06 20:36:55 | 000,000,000 | ---D | C] -- C:\Users\eliec\AppData\Local\Tempzxpsignbe0b0b09d5d0f0e9 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2017/01/05 19:54:06 | 003,302,234 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2017/01/05 19:54:06 | 001,469,252 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat [2017/01/05 19:54:06 | 001,051,508 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2017/01/05 19:54:06 | 000,390,250 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2017/01/05 19:54:06 | 000,360,102 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat [2017/01/05 19:49:40 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2017/01/05 19:48:12 | 000,000,184 | ---- | M] () -- C:\Users\eliec\AppData\Roaming\sp_data.sys [2017/01/05 19:48:05 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [2017/01/05 19:48:04 | 000,625,272 | ---- | M] () -- C:\WINDOWS\SysNative\NetUtils2016.dll [2017/01/05 19:47:39 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys [2017/01/05 19:14:10 | 3380,621,312 | -HS- | M] () -- C:\hiberfil.sys [2017/01/05 17:55:53 | 000,002,640 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2017/01/05 17:55:53 | 000,001,526 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2017/01/05 17:55:52 | 000,002,664 | ---- | M] () -- C:\Users\eliec\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2017/01/05 16:04:04 | 000,082,936 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHdsKe.sys [2017/01/04 13:52:03 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys [2017/01/03 22:37:00 | 000,293,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswvmm.sys [2017/01/03 22:36:59 | 000,513,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys [2017/01/03 22:36:56 | 000,969,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys [2017/01/03 22:32:47 | 000,037,144 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys [2017/01/03 21:42:51 | 000,001,346 | ---- | M] () -- C:\Users\eliec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017/01/03 21:40:34 | 000,391,496 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017/01/03 21:40:34 | 000,163,416 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys [2017/01/03 21:40:34 | 000,108,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2017/01/03 21:40:34 | 000,103,064 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2017/01/03 21:40:34 | 000,074,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2017/01/03 21:40:34 | 000,037,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys [2017/01/03 21:40:32 | 000,053,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2017/01/03 21:10:49 | 000,003,782 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts [2017/01/03 20:30:31 | 000,909,944 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NetUtils2016.sys [2017/01/03 20:30:31 | 000,470,592 | ---- | M] () -- C:\WINDOWS\SysWow64\NetUtils2016.exe [2017/01/03 13:50:48 | 000,187,904 | ---- | M] () -- C:\WINDOWS\rsrcs.dll [2017/01/03 13:50:38 | 000,439,808 | ---- | M] () -- C:\ProgramData\smp2.exe [2017/01/03 13:49:55 | 000,000,000 | ---- | M] () -- C:\TOSTACK [2017/01/03 13:38:36 | 000,344,064 | ---- | M] () -- C:\Users\eliec\OneDrive\Documents\Database2.accdb [2017/01/03 11:23:28 | 000,000,121 | R--- | M] () -- C:\Users\eliec\OneDrive\Documents\Elie's Notebook.url [2017/01/03 10:22:53 | 000,002,223 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2017/01/02 16:45:20 | 000,000,034 | ---- | M] () -- C:\Users\eliec\AppData\Roaming\AdobeWLCMCache.dat [2016/12/26 18:38:08 | 005,257,752 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2016/12/24 12:17:21 | 000,002,011 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016/12/19 00:06:49 | 000,002,952 | ---- | M] () -- C:\WINDOWS\SysWow64\LavasoftTcpServiceOff.ini [2016/12/19 00:06:49 | 000,002,952 | ---- | M] () -- C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini [2016/12/16 16:24:54 | 001,718,968 | ---- | M] () -- C:\WINDOWS\f4ab4838120525f824f5811dee3d0a89.exe [2016/12/16 11:29:53 | 000,425,744 | ---- | M] (Lavasoft Limited) -- C:\WINDOWS\SysNative\LavasoftTcpService64.dll [2016/12/16 11:29:53 | 000,345,360 | ---- | M] (Lavasoft Limited) -- C:\WINDOWS\SysWow64\LavasoftTcpService.dll [2016/12/16 00:03:40 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2016/12/12 00:56:25 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2016/12/12 00:56:25 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2016/12/10 10:39:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll [2016/12/09 11:42:15 | 001,637,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll [2016/12/09 11:42:14 | 000,137,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll [2016/12/09 11:34:34 | 001,051,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2016/12/09 11:34:34 | 000,894,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe [2016/12/09 11:33:26 | 001,354,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2016/12/09 11:33:26 | 001,173,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2016/12/09 11:32:11 | 007,816,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2016/12/09 11:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys [2016/12/09 11:29:23 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll [2016/12/09 11:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll [2016/12/09 11:27:38 | 000,172,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll [2016/12/09 11:20:21 | 002,677,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll [2016/12/09 11:20:16 | 000,658,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys [2016/12/09 11:20:13 | 000,402,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2016/12/09 11:20:12 | 001,738,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll [2016/12/09 11:19:35 | 001,293,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll [2016/12/09 11:19:21 | 000,168,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll [2016/12/09 11:18:21 | 002,913,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll [2016/12/09 11:18:16 | 001,100,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2016/12/09 11:18:15 | 001,267,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll [2016/12/09 11:18:14 | 000,811,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe [2016/12/09 11:18:12 | 000,947,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi [2016/12/09 11:18:09 | 000,989,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2016/12/09 11:15:26 | 008,168,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll [2016/12/09 11:15:18 | 001,988,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll [2016/12/09 11:14:50 | 001,274,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll [2016/12/09 11:14:33 | 000,241,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll [2016/12/09 11:11:15 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2016/12/09 11:10:58 | 001,461,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll [2016/12/09 11:10:40 | 001,572,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll [2016/12/09 11:09:27 | 000,455,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe [2016/12/09 11:01:08 | 000,861,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll [2016/12/09 10:59:25 | 000,846,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll [2016/12/09 10:59:24 | 002,166,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll [2016/12/09 10:57:01 | 001,852,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll [2016/12/09 10:57:00 | 006,668,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll [2016/12/09 10:52:21 | 001,415,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll [2016/12/09 10:47:29 | 022,563,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2016/12/09 10:45:47 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll [2016/12/09 10:42:29 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll [2016/12/09 10:41:22 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll [2016/12/09 10:41:06 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll [2016/12/09 10:40:38 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys [2016/12/09 10:38:39 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll [2016/12/09 10:37:29 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll [2016/12/09 10:37:10 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll [2016/12/09 10:37:01 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll [2016/12/09 10:36:56 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll [2016/12/09 10:36:32 | 000,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll [2016/12/09 10:36:09 | 003,059,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2016/12/09 10:36:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll [2016/12/09 10:36:02 | 006,285,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2016/12/09 10:34:52 | 000,822,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll [2016/12/09 10:34:31 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll [2016/12/09 10:33:42 | 003,777,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2016/12/09 10:33:37 | 001,589,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll [2016/12/09 10:32:18 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2016/12/09 10:31:20 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll [2016/12/09 10:31:11 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll [2016/12/09 10:30:32 | 019,413,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2016/12/09 10:30:31 | 004,612,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2016/12/09 10:29:51 | 004,749,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2016/12/09 10:28:55 | 001,004,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll [2016/12/09 10:28:12 | 003,306,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2016/12/09 10:27:55 | 005,114,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll [2016/12/09 10:27:36 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll [2016/12/09 10:26:32 | 008,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2016/12/09 10:26:01 | 001,692,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll [2016/12/09 10:25:28 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll [2016/12/09 10:24:21 | 002,275,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2016/12/09 10:22:27 | 001,490,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2016/12/09 10:22:06 | 002,820,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll [2016/12/09 10:21:48 | 004,746,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2016/12/09 10:21:42 | 003,616,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2016/12/09 10:21:31 | 001,512,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2016/12/09 10:21:04 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll [2016/12/09 10:20:36 | 000,730,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2016/12/09 10:20:35 | 003,198,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll [2016/12/09 10:20:33 | 006,044,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2016/12/09 10:20:32 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe [2016/12/09 10:20:05 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll [2016/12/09 10:19:46 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll [2016/12/09 10:19:45 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll [2016/12/09 10:19:43 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll [2016/12/09 10:19:32 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll [2016/12/09 10:19:32 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll [2016/12/09 10:18:36 | 002,138,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll [2016/12/09 10:18:23 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll [2016/12/09 10:17:55 | 000,886,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll [2016/12/09 10:17:08 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll [2016/12/09 10:16:56 | 002,998,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys [2016/12/09 10:16:03 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll [2016/12/09 10:15:59 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll [2016/12/09 10:15:51 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll [2016/12/09 10:15:49 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll [2016/12/09 09:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2017/01/04 09:47:13 | 000,002,664 | ---- | C] () -- C:\Users\eliec\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2017/01/04 09:47:13 | 000,002,652 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [2017/01/04 09:47:13 | 000,002,640 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2017/01/04 00:05:44 | 000,001,538 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2017/01/04 00:05:44 | 000,001,526 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2017/01/03 22:33:25 | 000,001,484 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [2017/01/03 21:40:42 | 000,001,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk [2017/01/03 20:52:47 | 000,028,272 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys [2017/01/03 20:30:31 | 000,909,944 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NetUtils2016.sys [2017/01/03 20:30:31 | 000,625,272 | ---- | C] () -- C:\WINDOWS\SysNative\NetUtils2016.dll [2017/01/03 20:30:31 | 000,470,592 | ---- | C] () -- C:\WINDOWS\SysWow64\NetUtils2016.exe [2017/01/03 13:50:48 | 000,187,904 | ---- | C] () -- C:\WINDOWS\rsrcs.dll [2017/01/03 13:50:34 | 000,439,808 | ---- | C] () -- C:\ProgramData\smp2.exe [2017/01/03 13:49:55 | 000,000,000 | ---- | C] () -- C:\TOSTACK [2017/01/03 13:38:33 | 000,344,064 | ---- | C] () -- C:\Users\eliec\OneDrive\Documents\Database2.accdb [2017/01/03 10:22:53 | 000,002,223 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2016/12/16 16:24:54 | 001,718,968 | ---- | C] () -- C:\WINDOWS\f4ab4838120525f824f5811dee3d0a89.exe [2016/12/16 11:29:55 | 000,002,952 | ---- | C] () -- C:\WINDOWS\SysWow64\LavasoftTcpServiceOff.ini [2016/12/16 11:29:55 | 000,002,952 | ---- | C] () -- C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini [2016/12/14 20:18:48 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll [2016/12/14 20:18:31 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2016/11/29 15:16:10 | 000,001,456 | ---- | C] () -- C:\Users\eliec\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs [2016/10/07 09:19:29 | 000,000,034 | ---- | C] () -- C:\Users\eliec\AppData\Roaming\AdobeWLCMCache.dat [2016/10/01 01:33:44 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll [2016/09/30 06:17:45 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2016/09/17 19:25:14 | 000,011,376 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\SECDRV.SYS [2016/09/12 20:15:20 | 035,133,376 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll [2016/09/12 20:10:00 | 008,916,512 | ---- | C] () -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll [2016/09/12 20:10:00 | 000,611,608 | ---- | C] () -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll [2016/09/05 20:44:41 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Edofma.INI [2016/09/04 06:41:52 | 000,000,184 | ---- | C] () -- C:\Users\eliec\AppData\Roaming\sp_data.sys [2016/07/16 12:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2016/07/16 12:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2016/07/16 12:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2016/07/16 12:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll [2016/07/16 12:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2016/07/16 12:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2016/07/16 12:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll [2016/07/16 12:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2016/07/16 12:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2016/07/16 12:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [2016/10/28 00:20:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2016/11/11 11:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 08:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 12:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 12:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 12:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2017/01/05 17:55:46 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\aMule [2017/01/03 10:05:59 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Audacity [2017/01/03 21:40:43 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\AVAST Software [2016/09/04 06:48:27 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\awsRun [2016/09/16 15:58:31 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2016/09/17 19:12:31 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\DAEMON Tools Lite [2017/01/05 17:55:47 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\dgjdg [2017/01/03 13:18:02 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\discord [2016/09/04 06:42:54 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\DropboxOEM [2016/12/16 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\FileZilla [2016/11/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\FiraxisLive [2016/09/04 08:17:50 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Foxit Software [2016/10/12 14:10:42 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Image-Line [2016/10/26 10:01:51 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Kingsoft [2016/09/17 15:57:30 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\MAGIX [2016/11/04 14:37:04 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\MuseScore [2016/10/31 08:58:32 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Notepad++ [2016/10/19 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Novation [2016/10/24 20:57:33 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\OfficeTab [2016/09/11 10:27:36 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Origin [2016/11/29 14:58:46 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\PDAppFlex [2017/01/03 13:50:12 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Profiles [2016/09/23 19:50:19 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Scilab [2017/01/03 19:59:50 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Steaward [2016/12/01 08:09:15 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Sublime Text 3 [2016/11/07 08:38:40 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\TeamViewer [2016/09/06 08:02:06 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\TechSmith [2017/01/05 17:19:26 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\uTorrent [2016/09/07 18:23:47 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\Wargaming.net [2016/09/04 06:41:54 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\WebStorage [2016/09/16 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\WildTangent [2016/10/17 12:35:04 | 000,000,000 | ---D | M] -- C:\Users\eliec\AppData\Roaming\XMind [color=#E56717]========== Purity Check ==========[/color] < End of report >