ÿþOTL logfile created on: 28/06/2017 00:53:04 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 0000040C | Country: æèäê | Language: FRA | Date Format: dd/MM/yyyy 3,89 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 25,73% Memory free 7,89 Gb Paging File | 4,14 Gb Available in Paging File | 52,48% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 279,01 Gb Total Space | 184,89 Gb Free Space | 66,26% Space Free | Partition Type: NTFS Drive D: | 393,86 Gb Total Space | 149,72 Gb Free Space | 38,01% Space Free | Partition Type: NTFS Computer Name: ASUS-PC | User Name: avi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - File not found -- PRC - [2017/06/28 00:49:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Downloads\OTL.exe PRC - [2017/06/27 10:41:06 | 000,070,239 | ---- | M] (http://www.ruby-lang.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\bin\rubyw.exe PRC - [2017/06/27 10:37:14 | 000,070,239 | ---- | M] (http://www.ruby-lang.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\bin\rubyw.exe PRC - [2017/06/22 08:55:27 | 003,452,928 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_26_0_0_131.exe PRC - [2017/06/22 00:28:20 | 000,521,160 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2017/05/10 13:46:30 | 008,470,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2017/04/25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2017/03/21 09:15:16 | 023,819,304 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe PRC - [2016/12/09 10:21:10 | 000,038,272 | ---- | M] (TunnelBear) -- C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe PRC - [2016/05/24 18:46:50 | 007,701,776 | ---- | M] () -- C:\Program Files\pia_manager\pia_manager.exe PRC - [2016/05/24 18:46:50 | 000,184,320 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\pia_tray.exe PRC - [2016/01/08 11:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe PRC - [2015/08/12 17:29:22 | 005,467,527 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Link\tools\pclink_connect.exe PRC - [2015/08/12 17:29:22 | 001,009,664 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Link\tools\adb.exe PRC - [2013/08/14 22:21:14 | 000,235,072 | ---- | M] (blekko) -- C:\ProgramData\ZGame Anti-Phishing Domain\zgame_antiphishing.exe PRC - [2012/09/17 05:22:37 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2012/07/19 19:53:16 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012/07/19 19:53:10 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012/07/05 23:23:34 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012/07/05 23:23:18 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012/06/20 18:21:46 | 001,556,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe PRC - [2012/06/11 21:21:16 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2012/06/08 00:12:06 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe PRC - [2012/06/08 00:12:06 | 000,090,832 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012/05/31 05:35:50 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2012/05/31 01:04:14 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2012/05/04 01:13:10 | 000,309,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe PRC - [2012/04/28 19:43:00 | 002,321,584 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2012/04/13 20:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe PRC - [2012/03/26 20:14:26 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012/02/17 02:01:36 | 000,473,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe PRC - [2011/11/22 00:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe PRC - [2011/11/22 00:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2010/08/20 19:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/06/19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2017/06/28 00:49:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Downloads\OTL.exe MOD - [2017/06/27 22:38:54 | 000,067,408 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062702\uiExt.dll MOD - [2017/06/27 22:38:52 | 000,513,696 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062702\aswCmnBS.dll MOD - [2017/06/27 22:38:52 | 000,405,072 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062702\aswCmnIS.dll MOD - [2017/06/27 22:38:52 | 000,153,664 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\17062702\aswCmnOS.dll MOD - [2017/06/27 10:41:07 | 000,026,624 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so MOD - [2017/06/27 10:41:06 | 002,141,184 | ---- | M] (http://www.ruby-lang.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\bin\msvcrt-ruby191.dll MOD - [2017/06/27 10:41:06 | 001,569,280 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\bin\LIBEAY32.dll MOD - [2017/06/27 10:41:06 | 000,354,816 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\bin\SSLEAY32.dll MOD - [2017/06/27 10:41:06 | 000,275,968 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so MOD - [2017/06/27 10:41:06 | 000,127,316 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\bin\libffi-6.dll MOD - [2017/06/27 10:41:06 | 000,126,976 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so MOD - [2017/06/27 10:41:06 | 000,118,784 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so MOD - [2017/06/27 10:41:06 | 000,094,208 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\src\rgloader\rgloader193.mswin.so MOD - [2017/06/27 10:41:06 | 000,094,208 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so MOD - [2017/06/27 10:41:06 | 000,087,552 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so MOD - [2017/06/27 10:41:06 | 000,083,968 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\bin\zlib1.dll MOD - [2017/06/27 10:41:06 | 000,070,239 | ---- | M] (http://www.ruby-lang.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\bin\rubyw.exe MOD - [2017/06/27 10:41:06 | 000,069,120 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so MOD - [2017/06/27 10:41:06 | 000,036,352 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so MOD - [2017/06/27 10:41:06 | 000,026,624 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so MOD - [2017/06/27 10:41:06 | 000,023,552 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so MOD - [2017/06/27 10:41:06 | 000,016,384 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so MOD - [2017/06/27 10:41:06 | 000,015,360 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so MOD - [2017/06/27 10:41:06 | 000,014,848 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so MOD - [2017/06/27 10:41:06 | 000,013,312 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so MOD - [2017/06/27 10:41:06 | 000,012,800 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so MOD - [2017/06/27 10:41:06 | 000,009,216 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so MOD - [2017/06/27 10:41:06 | 000,008,704 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so MOD - [2017/06/27 10:41:06 | 000,008,704 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so MOD - [2017/06/27 10:41:06 | 000,008,704 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so MOD - [2017/06/27 10:41:06 | 000,008,704 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so MOD - [2017/06/27 10:41:06 | 000,008,192 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr3E73.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so MOD - [2017/06/27 10:41:04 | 000,126,976 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so MOD - [2017/06/27 10:41:04 | 000,087,552 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so MOD - [2017/06/27 10:41:04 | 000,026,624 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so MOD - [2017/06/27 10:41:04 | 000,016,384 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so MOD - [2017/06/27 10:40:57 | 000,009,216 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so MOD - [2017/06/27 10:39:47 | 000,094,208 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so MOD - [2017/06/27 10:39:07 | 000,014,848 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so MOD - [2017/06/27 10:38:47 | 000,012,800 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so MOD - [2017/06/27 10:38:13 | 000,127,316 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\bin\libffi-6.dll MOD - [2017/06/27 10:37:31 | 002,141,184 | ---- | M] (http://www.ruby-lang.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\bin\msvcrt-ruby191.dll MOD - [2017/06/27 10:37:14 | 000,070,239 | ---- | M] (http://www.ruby-lang.org/) -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\bin\rubyw.exe MOD - [2017/06/27 10:36:59 | 000,094,208 | ---- | M] () -- C:\Users\Asus\AppData\Local\Temp\ocr24D4.tmp\src\rgloader\rgloader193.mswin.so MOD - [2017/06/27 10:36:38 | 004,796,928 | R--- | M] (wxWidgets development team) -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wxmsw30u_core_vc90.dll MOD - [2017/06/27 10:36:38 | 002,459,648 | R--- | M] (Python Software Foundation) -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\python27.dll MOD - [2017/06/27 10:36:38 | 002,030,592 | R--- | M] (wxWidgets development team) -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wxbase30u_vc90.dll MOD - [2017/06/27 10:36:38 | 001,303,552 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_ssl.pyd MOD - [2017/06/27 10:36:38 | 001,251,328 | R--- | M] (wxWidgets development team) -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wxmsw30u_adv_vc90.dll MOD - [2017/06/27 10:36:38 | 001,176,576 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._core_.pyd MOD - [2017/06/27 10:36:38 | 001,067,008 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._controls_.pyd MOD - [2017/06/27 10:36:38 | 000,816,128 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._windows_.pyd MOD - [2017/06/27 10:36:38 | 000,806,400 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._gdi_.pyd MOD - [2017/06/27 10:36:38 | 000,733,184 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._misc_.pyd MOD - [2017/06/27 10:36:38 | 000,686,080 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\unicodedata.pyd MOD - [2017/06/27 10:36:38 | 000,682,496 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\pysqlite2._sqlite.pyd MOD - [2017/06/27 10:36:38 | 000,601,088 | R--- | M] (wxWidgets development team) -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wxmsw30u_html_vc90.dll MOD - [2017/06/27 10:36:38 | 000,524,248 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\windows._lib_cacheinvalidation.pyd MOD - [2017/06/27 10:36:38 | 000,364,544 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\pythoncom27.dll MOD - [2017/06/27 10:36:38 | 000,320,512 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32com.shell.shell.pyd MOD - [2017/06/27 10:36:38 | 000,167,936 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32gui.pyd MOD - [2017/06/27 10:36:38 | 000,155,136 | R--- | M] (wxWidgets development team) -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wxbase30u_net_vc90.dll MOD - [2017/06/27 10:36:38 | 000,127,488 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\pyexpat.pyd MOD - [2017/06/27 10:36:38 | 000,123,392 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._wizard.pyd MOD - [2017/06/27 10:36:38 | 000,119,808 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32file.pyd MOD - [2017/06/27 10:36:38 | 000,110,080 | R--- | M] (wxWidgets development team) -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wxmsw30u_webview_vc90.dll MOD - [2017/06/27 10:36:38 | 000,108,544 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32security.pyd MOD - [2017/06/27 10:36:38 | 000,098,816 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32api.pyd MOD - [2017/06/27 10:36:38 | 000,088,064 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\usb_ext.pyd MOD - [2017/06/27 10:36:38 | 000,078,848 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._animate.pyd MOD - [2017/06/27 10:36:38 | 000,077,312 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\wx._html2.pyd MOD - [2017/06/27 10:36:38 | 000,046,080 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_socket.pyd MOD - [2017/06/27 10:36:38 | 000,038,912 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32inet.pyd MOD - [2017/06/27 10:36:38 | 000,035,840 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32process.pyd MOD - [2017/06/27 10:36:38 | 000,025,600 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32pdh.pyd MOD - [2017/06/27 10:36:38 | 000,024,064 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32pipe.pyd MOD - [2017/06/27 10:36:38 | 000,022,528 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32ts.pyd MOD - [2017/06/27 10:36:38 | 000,020,480 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_yappi.pyd MOD - [2017/06/27 10:36:38 | 000,018,432 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32event.pyd MOD - [2017/06/27 10:36:38 | 000,017,920 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\thumbnails_ext.pyd MOD - [2017/06/27 10:36:38 | 000,017,408 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32profile.pyd MOD - [2017/06/27 10:36:38 | 000,012,800 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\common.time34.pyd MOD - [2017/06/27 10:36:38 | 000,011,264 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\win32crypt.pyd MOD - [2017/06/27 10:36:38 | 000,010,240 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\select.pyd MOD - [2017/06/27 10:36:38 | 000,007,168 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\hashobjs_ext.pyd MOD - [2017/06/27 10:36:37 | 000,914,432 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_hashlib.pyd MOD - [2017/06/27 10:36:37 | 000,128,512 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_elementtree.pyd MOD - [2017/06/27 10:36:37 | 000,110,080 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\pywintypes27.dll MOD - [2017/06/27 10:36:37 | 000,088,064 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_ctypes.pyd MOD - [2017/06/27 10:36:37 | 000,036,864 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_psutil_windows.pyd MOD - [2017/06/27 10:36:37 | 000,027,648 | R--- | M] () -- C:\Users\Asus\AppData\Local\Temp\_MEI94842\_multiprocessing.pyd MOD - [2017/06/22 08:55:27 | 020,064,256 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll MOD - [2017/06/22 08:55:27 | 003,452,928 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_26_0_0_131.exe MOD - [2017/06/22 00:28:20 | 001,446,344 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozavcodec.dll MOD - [2017/06/22 00:28:20 | 001,381,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll MOD - [2017/06/22 00:28:20 | 000,521,160 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe MOD - [2017/06/22 00:28:20 | 000,319,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll MOD - [2017/06/22 00:28:20 | 000,052,168 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\lgpllibs.dll MOD - [2017/06/22 00:28:20 | 000,026,568 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll MOD - [2017/06/22 00:28:19 | 001,224,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll MOD - [2017/06/22 00:28:19 | 000,412,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll MOD - [2017/06/22 00:28:19 | 000,153,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozavutil.dll MOD - [2017/06/22 00:28:19 | 000,146,888 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll MOD - [2017/06/22 00:28:19 | 000,141,256 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe MOD - [2017/06/22 00:28:19 | 000,131,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll MOD - [2017/06/22 00:28:19 | 000,093,128 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll MOD - [2017/06/22 00:28:18 | 051,486,152 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll MOD - [2017/06/03 13:11:29 | 001,706,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2017/06/03 12:49:36 | 020,967,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2017/06/03 12:44:54 | 001,412,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32full.dll MOD - [2017/06/03 12:28:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\edputil.dll MOD - [2017/06/03 12:04:06 | 002,006,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2017/05/10 19:16:20 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1e4f0ecfdfdff6f35b48c07b55b350f9\PresentationFramework.Aero.ni.dll MOD - [2017/05/10 19:15:46 | 014,345,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\987f1449894c705f0b19bcc5cd9f063f\PresentationFramework.ni.dll MOD - [2017/05/10 19:15:32 | 012,438,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\594374346b72f3188a5fcb6b43fc64be\System.Windows.Forms.ni.dll MOD - [2017/05/10 19:15:25 | 001,593,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b90c298940cb982c011e0b87ab778387\System.Drawing.ni.dll MOD - [2017/05/10 19:15:20 | 005,466,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\39eb98b823e0907a2752d9e7cac21eef\System.Xml.ni.dll MOD - [2017/05/10 19:15:17 | 000,978,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\a97b31d81348d031eb68c68149e0c94b\System.Configuration.ni.dll MOD - [2017/05/10 19:15:15 | 012,260,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\849cee054ebf1353d7716c13356e616c\PresentationCore.ni.dll MOD - [2017/05/10 19:15:05 | 003,358,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b35219850560a9c7ebdde3096ef5c616\WindowsBase.ni.dll MOD - [2017/05/10 19:15:01 | 008,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3c3332cf25ae0c61990b8ffafd1e4ae6\System.ni.dll MOD - [2017/05/10 13:46:39 | 002,095,104 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\libcrypto-1_1.dll MOD - [2017/05/10 13:46:39 | 000,381,952 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\libssl-1_1.dll MOD - [2017/05/10 13:46:33 | 067,717,632 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2017/05/10 13:46:31 | 000,997,896 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvChrome.dll MOD - [2017/05/10 13:46:31 | 000,428,544 | ---- | M] (The Chromium Authors) -- C:\Program Files\AVAST Software\Avast\chrome_elf.dll MOD - [2017/05/10 13:46:30 | 008,470,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe MOD - [2017/05/10 13:46:21 | 000,223,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll MOD - [2017/05/10 13:46:20 | 000,684,656 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll MOD - [2017/05/10 13:46:20 | 000,176,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll MOD - [2017/05/10 13:46:20 | 000,131,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\log.dll MOD - [2017/05/10 13:46:19 | 000,322,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll MOD - [2017/05/10 13:46:19 | 000,276,288 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_routing.dll MOD - [2017/05/10 13:46:19 | 000,257,104 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_manager.dll MOD - [2017/05/10 13:46:19 | 000,087,216 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_manager_rpc.dll MOD - [2017/05/10 13:46:18 | 000,787,984 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll MOD - [2017/05/10 13:46:18 | 000,674,688 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2017/05/10 13:46:18 | 000,598,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll MOD - [2017/05/10 13:46:18 | 000,338,624 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll MOD - [2017/05/10 13:46:18 | 000,166,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll MOD - [2017/05/10 13:46:18 | 000,148,984 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MOD - [2017/05/10 13:46:18 | 000,097,456 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswIP.dll MOD - [2017/05/10 13:46:18 | 000,089,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MOD - [2017/05/10 13:46:17 | 000,922,456 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll MOD - [2017/05/10 13:46:17 | 000,578,080 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MOD - [2017/05/10 13:46:17 | 000,528,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll MOD - [2017/05/10 13:46:17 | 000,386,904 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MOD - [2017/05/10 13:46:17 | 000,379,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MOD - [2017/05/10 13:46:16 | 001,218,672 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll MOD - [2017/05/10 13:46:16 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll MOD - [2017/05/10 13:46:15 | 003,804,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll MOD - [2017/05/10 13:46:15 | 001,195,272 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\commchannel.dll MOD - [2017/05/10 13:46:14 | 004,414,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll MOD - [2017/05/10 13:46:14 | 000,431,536 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1037\UILangRes.dll MOD - [2017/05/10 13:46:14 | 000,384,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll MOD - [2017/05/10 13:46:14 | 000,065,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1037\Base.dll MOD - [2017/05/10 13:46:10 | 000,301,104 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2017/05/10 13:46:05 | 000,666,544 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswidpmx.dll MOD - [2017/05/10 13:46:05 | 000,596,976 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswlogx.dll MOD - [2017/05/10 13:46:05 | 000,198,392 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswhookx.dll MOD - [2017/05/10 13:46:04 | 000,963,664 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswcommx.dll MOD - [2017/05/10 13:46:04 | 000,328,776 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\gaming_probe.dll MOD - [2017/05/10 13:46:03 | 000,984,896 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswsysx.dll MOD - [2017/05/10 13:46:03 | 000,291,824 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll MOD - [2017/05/10 13:46:02 | 000,835,976 | ---- | M] (AVAST Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\aswcmlx.dll MOD - [2017/05/07 11:48:42 | 000,028,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,025,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,024,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,024,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,022,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,020,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,020,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll MOD - [2017/05/07 11:48:42 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll MOD - [2017/05/07 11:48:40 | 003,747,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\d3dcompiler_47.dll MOD - [2017/05/07 11:48:39 | 000,440,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\msvcp140.dll MOD - [2017/05/07 11:48:37 | 000,083,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\vcruntime140.dll MOD - [2017/04/28 03:59:55 | 000,601,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2017/04/28 03:53:36 | 000,616,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2017/04/28 03:46:09 | 001,504,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2017/04/28 03:46:03 | 005,722,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\windows.storage.dll MOD - [2017/04/28 03:45:44 | 002,263,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2017/04/28 03:45:29 | 000,975,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twinapi.appcore.dll MOD - [2017/04/28 03:43:48 | 001,557,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2017/04/28 03:43:10 | 000,846,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinTypes.dll MOD - [2017/04/28 03:43:09 | 002,168,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\combase.dll MOD - [2017/04/28 03:40:10 | 000,352,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2017/04/28 03:39:48 | 000,962,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2017/04/28 03:13:11 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2017/04/28 03:07:41 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll MOD - [2017/04/28 03:05:51 | 003,733,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_47.dll MOD - [2017/04/28 03:00:25 | 012,349,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll MOD - [2017/04/28 02:58:53 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2017/04/28 02:54:26 | 002,483,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2017/04/28 02:52:40 | 001,600,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2017/04/28 00:39:13 | 001,737,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll MOD - [2017/03/21 09:15:16 | 023,819,304 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe MOD - [2017/03/09 02:17:08 | 011,460,448 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igd10umd32.dll MOD - [2017/03/09 02:17:08 | 011,330,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumd32.dll MOD - [2017/03/05 17:58:10 | 003,563,568 | ---- | M] (Terra Informatica Software, Inc., British Columbia, Canada.) -- C:\Program Files\AVAST Software\Avast\HTMLayout.dll MOD - [2017/03/04 10:57:40 | 000,484,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2017/03/04 10:09:33 | 000,497,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2017/03/04 10:09:27 | 002,206,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll MOD - [2017/03/04 10:02:53 | 000,184,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2017/03/04 09:56:03 | 000,248,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\policymanager.dll MOD - [2017/03/04 09:54:12 | 002,277,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll MOD - [2017/03/04 09:54:03 | 000,524,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2017/03/04 09:53:07 | 000,313,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll MOD - [2017/03/04 09:52:59 | 000,549,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SHCore.dll MOD - [2017/03/04 09:52:02 | 000,272,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2017/03/04 09:47:41 | 001,123,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2017/03/04 09:47:32 | 000,640,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll MOD - [2017/03/04 09:47:32 | 000,530,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2017/03/04 09:46:47 | 002,121,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171\comctl32.dll MOD - [2017/03/04 09:45:07 | 000,112,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2017/03/04 09:42:29 | 001,260,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2017/03/04 09:24:56 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctfui.dll MOD - [2017/03/04 09:24:10 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2017/03/04 09:22:16 | 000,230,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll MOD - [2017/03/04 09:21:02 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2017/03/04 09:19:06 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2017/03/04 09:18:10 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll MOD - [2017/03/04 09:16:39 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2017/03/04 09:16:28 | 000,636,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2017/03/04 09:16:22 | 001,456,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.14393.953_none_baad48403594ab3f\GdiPlus.dll MOD - [2017/03/04 09:05:38 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2017/03/04 09:02:51 | 004,423,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2017/03/04 09:01:24 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twinapi.dll MOD - [2016/12/21 07:24:30 | 005,061,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2016/12/14 07:35:56 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll MOD - [2016/12/09 13:00:58 | 000,106,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2016/12/09 12:52:21 | 001,435,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2016/12/09 12:51:08 | 000,117,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2016/11/11 10:59:59 | 001,572,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2016/11/11 10:42:44 | 000,152,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RTWorkQ.dll MOD - [2016/11/11 10:04:27 | 000,912,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2016/11/11 10:03:58 | 000,772,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2016/11/02 14:04:46 | 000,596,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_5507ded2cb4f7f4c\comctl32.dll MOD - [2016/11/02 14:01:37 | 001,425,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2016/10/15 07:15:46 | 000,687,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvproc.dll MOD - [2016/10/02 12:07:05 | 011,500,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9ad5d97ade63ecd8b60f63393a947d6e\mscorlib.ni.dll MOD - [2016/10/02 12:00:09 | 009,260,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL MOD - [2016/10/02 11:59:50 | 000,790,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2016/10/02 11:59:50 | 000,402,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2016/10/02 11:59:18 | 000,170,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2016/10/02 11:59:14 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DataExchange.dll MOD - [2016/10/02 11:59:09 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2016/10/02 11:59:09 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll MOD - [2016/10/02 11:59:09 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2016/10/02 11:59:09 | 000,079,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32u.dll MOD - [2016/10/02 11:59:08 | 000,113,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2016/10/02 11:46:51 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2016/10/02 11:46:51 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_fr_31bf3856ad364e35\WindowsBase.resources.dll MOD - [2016/10/02 11:46:50 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll MOD - [2016/10/02 11:46:48 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll MOD - [2016/10/02 11:35:06 | 004,775,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_none_a338d8ea2df29efb\mfc140u.dll MOD - [2016/10/02 11:35:03 | 000,440,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\msvcp140.dll MOD - [2016/10/02 11:35:03 | 000,083,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\vcruntime140.dll MOD - [2016/07/16 14:44:22 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2016/07/16 14:44:22 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2016/07/16 14:44:20 | 000,511,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2016/07/16 14:44:01 | 002,231,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMVCORE.DLL MOD - [2016/07/16 14:44:01 | 000,273,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMASF.DLL MOD - [2016/07/16 14:44:01 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2016/07/16 14:43:52 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2016/07/16 14:43:52 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2016/07/16 14:43:08 | 000,653,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9247_none_5090cb78bcba4a35\msvcr90.dll MOD - [2016/07/16 14:43:08 | 000,570,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9247_none_5090cb78bcba4a35\msvcp90.dll MOD - [2016/07/16 14:43:06 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll MOD - [2016/07/16 14:43:04 | 000,457,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2016/07/16 14:43:04 | 000,257,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2016/07/16 14:43:04 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2016/07/16 14:43:04 | 000,053,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2016/07/16 14:43:04 | 000,027,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2016/07/16 14:43:04 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll MOD - [2016/07/16 14:43:02 | 000,284,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2016/07/16 14:43:02 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2016/07/16 14:43:01 | 000,185,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2016/07/16 14:43:01 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2016/07/16 14:43:01 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2016/07/16 14:43:01 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2016/07/16 14:43:01 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll MOD - [2016/07/16 14:43:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll MOD - [2016/07/16 14:43:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2016/07/16 14:42:56 | 001,220,608 | ---- | M] (Microsoft) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2016/07/16 14:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2016/07/16 14:42:56 | 000,524,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2016/07/16 14:42:56 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2016/07/16 14:42:56 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll MOD - [2016/07/16 14:42:56 | 000,135,680 | ---- | M] (Microsoft) -- C:\Windows\SysWOW64\dbgcore.dll MOD - [2016/07/16 14:42:56 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll MOD - [2016/07/16 14:42:56 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll MOD - [2016/07/16 14:42:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2016/07/16 14:42:56 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2016/07/16 14:42:56 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2016/07/16 14:42:55 | 000,918,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ucrtbase.dll MOD - [2016/07/16 14:42:55 | 000,498,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp_win.dll MOD - [2016/07/16 14:42:55 | 000,415,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp110_win.dll MOD - [2016/07/16 14:42:55 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2016/07/16 14:42:55 | 000,306,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2016/07/16 14:42:55 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2016/07/16 14:42:55 | 000,275,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2016/07/16 14:42:55 | 000,213,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2016/07/16 14:42:55 | 000,184,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2016/07/16 14:42:55 | 000,183,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\logoncli.dll MOD - [2016/07/16 14:42:55 | 000,173,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntasn1.dll MOD - [2016/07/16 14:42:55 | 000,154,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2016/07/16 14:42:55 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2016/07/16 14:42:55 | 000,132,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2016/07/16 14:42:55 | 000,120,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2016/07/16 14:42:55 | 000,094,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2016/07/16 14:42:55 | 000,086,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2016/07/16 14:42:55 | 000,075,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2016/07/16 14:42:55 | 000,068,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2016/07/16 14:42:55 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2016/07/16 14:42:55 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2016/07/16 14:42:55 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2016/07/16 14:42:55 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2016/07/16 14:42:55 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2016/07/16 14:42:55 | 000,049,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2016/07/16 14:42:55 | 000,043,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel.appcore.dll MOD - [2016/07/16 14:42:55 | 000,036,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2016/07/16 14:42:55 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpapi.dll MOD - [2016/07/16 14:42:54 | 001,375,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2016/07/16 14:42:54 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atlthunk.dll MOD - [2016/07/16 14:42:54 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winusb.dll MOD - [2016/07/16 14:42:53 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2016/07/16 14:42:53 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll MOD - [2016/07/16 14:42:49 | 001,122,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dcomp.dll MOD - [2016/07/16 14:42:49 | 000,773,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2016/07/16 14:42:49 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2016/07/16 14:42:49 | 000,480,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\directmanipulation.dll MOD - [2016/07/16 14:42:49 | 000,255,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2016/07/16 14:42:49 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll MOD - [2016/07/16 14:42:49 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2016/07/16 14:42:49 | 000,144,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2016/07/16 14:42:49 | 000,135,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2016/07/16 14:42:49 | 000,131,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmmbase.dll MOD - [2016/07/16 14:42:49 | 000,124,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll MOD - [2016/07/16 14:42:49 | 000,114,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2016/07/16 14:42:49 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2016/07/16 14:42:49 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontsub.dll MOD - [2016/07/16 14:42:49 | 000,090,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2016/07/16 14:42:49 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2016/07/16 14:42:49 | 000,069,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2016/07/16 14:42:49 | 000,054,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2016/07/16 14:42:49 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credui.dll MOD - [2016/07/16 14:42:49 | 000,031,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2016/07/16 14:42:49 | 000,029,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2016/07/16 14:42:49 | 000,028,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll MOD - [2016/07/16 14:42:49 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2016/07/16 14:42:49 | 000,020,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2016/07/16 14:42:49 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2016/07/16 14:42:49 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll MOD - [2016/07/16 14:42:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2016/07/16 14:42:48 | 001,187,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll MOD - [2016/07/16 14:42:48 | 000,608,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll MOD - [2016/07/16 14:42:48 | 000,482,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2016/07/16 14:42:46 | 000,528,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2016/07/16 14:42:46 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\smartscreenps.dll MOD - [2016/07/16 14:42:46 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2016/07/16 14:42:45 | 004,268,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2016/07/16 14:42:45 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2016/07/16 14:42:45 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll MOD - [2016/07/16 14:42:45 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2016/07/16 14:42:45 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pcacli.dll MOD - [2016/07/16 14:42:45 | 000,017,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2016/07/16 14:42:45 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll MOD - [2016/07/16 14:42:27 | 000,367,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2016/07/16 14:42:27 | 000,093,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2016/07/16 14:42:27 | 000,026,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2016/07/16 14:42:27 | 000,020,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2016/07/16 14:42:17 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9268_none_d08e1538442a243e\msvcr80.dll MOD - [2016/07/16 14:42:17 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9268_none_d08e1538442a243e\msvcp80.dll MOD - [2016/07/16 14:42:03 | 001,088,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfperfhelper.dll MOD - [2016/07/16 14:42:03 | 000,455,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSAudDecMFT.dll MOD - [2016/07/16 14:42:03 | 000,098,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MP3DMOD.DLL MOD - [2016/07/13 15:33:24 | 005,946,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2016/07/13 15:33:24 | 000,074,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll MOD - [2016/07/13 15:33:22 | 000,364,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MOD - [2016/05/25 12:03:26 | 000,778,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PresentationNative_v0300.dll MOD - [2016/05/24 18:46:50 | 011,214,848 | ---- | M] (IBM Corporation and others) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\icudt40.dll MOD - [2016/05/24 18:46:50 | 007,701,776 | ---- | M] () -- C:\Program Files\pia_manager\pia_manager.exe MOD - [2016/05/24 18:46:50 | 007,262,208 | ---- | M] (Apple Inc.) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\WebKit.dll MOD - [2016/05/24 18:46:50 | 001,234,944 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll MOD - [2016/05/24 18:46:50 | 001,198,592 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll MOD - [2016/05/24 18:46:50 | 001,044,480 | ---- | M] (IBM Corporation and others) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\icuin40.dll MOD - [2016/05/24 18:46:50 | 001,032,192 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\LIBEAY32.dll MOD - [2016/05/24 18:46:50 | 000,917,504 | ---- | M] (IBM Corporation and others) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\icuuc40.dll MOD - [2016/05/24 18:46:50 | 000,872,448 | ---- | M] (Apple Inc.) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\JavaScriptCore.dll MOD - [2016/05/24 18:46:50 | 000,815,104 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll MOD - [2016/05/24 18:46:50 | 000,745,472 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll MOD - [2016/05/24 18:46:50 | 000,642,048 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll MOD - [2016/05/24 18:46:50 | 000,511,488 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll MOD - [2016/05/24 18:46:50 | 000,368,640 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll MOD - [2016/05/24 18:46:50 | 000,344,064 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll MOD - [2016/05/24 18:46:50 | 000,290,816 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll MOD - [2016/05/24 18:46:50 | 000,225,280 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libcurl.dll MOD - [2016/05/24 18:46:50 | 000,217,088 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll MOD - [2016/05/24 18:46:50 | 000,212,992 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\SSLEAY32.dll MOD - [2016/05/24 18:46:50 | 000,200,704 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll MOD - [2016/05/24 18:46:50 | 000,184,320 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\pia_tray.exe MOD - [2016/05/24 18:46:50 | 000,180,224 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll MOD - [2016/05/24 18:46:50 | 000,059,904 | ---- | M] () -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll MOD - [2016/05/24 18:46:50 | 000,048,128 | ---- | M] (Open Source Software community project) -- C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\pthreadVC2.dll MOD - [2015/08/12 17:29:22 | 005,467,527 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Link\tools\pclink_connect.exe MOD - [2015/08/12 17:29:22 | 001,009,664 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Link\tools\adb.exe MOD - [2015/08/12 17:29:22 | 000,096,256 | ---- | M] (Google, inc) -- C:\Program Files (x86)\ASUS\PC Link\tools\AdbWinApi.dll MOD - [2015/08/12 17:29:22 | 000,060,928 | ---- | M] (Google, inc) -- C:\Program Files (x86)\ASUS\PC Link\tools\AdbWinUsbApi.dll MOD - [2013/12/09 18:26:06 | 001,080,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\AVAST Software\Avast\dbghelp.dll MOD - [2013/08/14 22:21:18 | 000,318,528 | ---- | M] (blekko) -- C:\ProgramData\ZGame Anti-Phishing Domain\zgame_antiphishing.dll MOD - [2013/08/14 22:21:14 | 000,235,072 | ---- | M] (blekko) -- C:\ProgramData\ZGame Anti-Phishing Domain\zgame_antiphishing.exe MOD - [2012/09/17 05:22:37 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe MOD - [2012/06/27 14:22:34 | 000,223,232 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll MOD - [2012/06/20 18:21:46 | 001,556,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe MOD - [2012/06/08 00:12:06 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe MOD - [2012/06/08 00:12:06 | 000,090,832 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe MOD - [2012/06/08 00:12:04 | 001,595,392 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll MOD - [2012/06/08 00:12:04 | 000,053,248 | ---- | M] (ASUSTeK) -- C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll MOD - [2012/06/08 00:12:04 | 000,032,768 | ---- | M] (ASUSTek) -- C:\Program Files (x86)\ASUS\Splendid\OVS.dll MOD - [2012/06/08 00:12:04 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll MOD - [2012/05/31 05:35:50 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MOD - [2012/05/31 01:04:14 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MOD - [2012/05/08 02:18:28 | 006,421,120 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\WaveThemeRes.dll MOD - [2012/05/07 20:02:24 | 000,065,664 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\MetroInfo.dll MOD - [2012/04/28 19:43:00 | 002,321,584 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2012/03/26 20:14:26 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe MOD - [2012/03/26 20:12:02 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll MOD - [2012/02/17 02:01:36 | 000,473,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe MOD - [2012/01/31 19:25:12 | 002,891,264 | ---- | M] (FreeImage) -- C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll MOD - [2012/01/31 19:25:12 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll MOD - [2012/01/31 19:25:12 | 001,069,056 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\ASUS\Wireless Console 3\libeay32.dll MOD - [2012/01/31 19:25:12 | 000,331,776 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll MOD - [2012/01/31 19:25:12 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll MOD - [2012/01/31 19:25:12 | 000,200,704 | ---- | M] (Realtek) -- C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll MOD - [2012/01/31 19:25:12 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL MOD - [2012/01/31 19:25:12 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll MOD - [2010/08/20 19:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2010/08/20 19:57:06 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll MOD - [2010/08/20 19:57:06 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll MOD - [2010/08/20 19:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe MOD - [2010/08/20 19:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/06/19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -- (InstallerService) SRV:[b]64bit:[/b] - [2017/06/03 12:59:51 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:[b]64bit:[/b] - [2017/06/03 11:51:36 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:[b]64bit:[/b] - [2017/05/26 11:56:06 | 000,087,760 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper) SRV:[b]64bit:[/b] - [2017/05/26 11:01:24 | 000,016,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler) SRV:[b]64bit:[/b] - [2017/05/26 10:54:06 | 001,001,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey) SRV:[b]64bit:[/b] - [2017/05/10 13:46:14 | 000,263,304 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2017/05/10 13:46:07 | 007,346,208 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent) SRV:[b]64bit:[/b] - [2017/04/28 03:52:48 | 000,347,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:[b]64bit:[/b] - [2017/04/28 03:51:49 | 003,318,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2017/04/28 03:38:52 | 000,103,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2017/04/28 02:59:15 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc) SRV:[b]64bit:[/b] - [2017/04/28 02:55:27 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:[b]64bit:[/b] - [2017/04/28 02:51:08 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2017/04/28 02:48:03 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2017/04/28 02:44:42 | 000,548,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:[b]64bit:[/b] - [2017/04/28 02:43:45 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2017/04/28 02:43:34 | 000,331,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:[b]64bit:[/b] - [2017/04/28 02:43:31 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:[b]64bit:[/b] - [2017/04/28 02:42:01 | 001,021,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:[b]64bit:[/b] - [2017/04/28 02:41:36 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:[b]64bit:[/b] - [2017/04/28 02:41:24 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:[b]64bit:[/b] - [2017/04/28 02:40:14 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2017/04/28 02:37:57 | 001,984,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:[b]64bit:[/b] - [2017/03/28 08:10:05 | 001,231,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:[b]64bit:[/b] - [2017/03/18 19:35:45 | 002,278,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2017/03/04 09:33:28 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:[b]64bit:[/b] - [2017/03/04 09:29:39 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:[b]64bit:[/b] - [2017/03/04 09:29:21 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:[b]64bit:[/b] - [2017/03/04 09:28:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2017/03/04 09:28:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2017/03/04 09:25:51 | 001,016,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:[b]64bit:[/b] - [2017/03/04 09:24:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:[b]64bit:[/b] - [2017/03/04 09:23:18 | 000,715,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2017/03/04 09:15:29 | 001,837,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2017/03/04 09:12:58 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer) SRV:[b]64bit:[/b] - [2017/03/04 09:11:22 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:[b]64bit:[/b] - [2017/03/04 09:07:14 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:[b]64bit:[/b] - [2016/12/14 07:43:24 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2016/11/11 12:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc) SRV:[b]64bit:[/b] - [2016/11/11 12:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:[b]64bit:[/b] - [2016/11/11 12:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:[b]64bit:[/b] - [2016/11/11 12:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:[b]64bit:[/b] - [2016/11/11 12:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2016/10/02 12:00:12 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2016/10/02 11:59:42 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:[b]64bit:[/b] - [2016/10/02 11:59:42 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc) SRV:[b]64bit:[/b] - [2016/10/02 11:59:24 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:[b]64bit:[/b] - [2016/10/02 11:59:24 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:[b]64bit:[/b] - [2016/10/02 11:59:11 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:[b]64bit:[/b] - [2016/10/02 11:59:11 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2016/10/02 11:59:11 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2016/10/02 11:59:11 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2016/10/02 11:59:11 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2016/10/02 11:59:11 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2016/10/02 11:59:09 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2016/10/02 11:36:31 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc) SRV:[b]64bit:[/b] - [2016/10/02 11:36:18 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ) SRV:[b]64bit:[/b] - [2016/07/16 14:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2016/07/16 14:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:[b]64bit:[/b] - [2016/07/16 14:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2016/07/16 14:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:[b]64bit:[/b] - [2016/07/16 14:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2016/07/16 14:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_bc447d5) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_bc447d5) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_bc447d5) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_bc447d5) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_bc447d5) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_bc447d5) SRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_bc447d5) SRV:[b]64bit:[/b] - [2016/07/16 14:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2016/07/16 14:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:[b]64bit:[/b] - [2016/07/16 14:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:[b]64bit:[/b] - [2016/07/16 14:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2016/07/16 14:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:[b]64bit:[/b] - [2016/07/16 14:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:[b]64bit:[/b] - [2016/07/16 14:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:[b]64bit:[/b] - [2016/07/16 14:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:[b]64bit:[/b] - [2016/07/16 14:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:[b]64bit:[/b] - [2016/07/16 14:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:[b]64bit:[/b] - [2016/07/16 14:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost) SRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:[b]64bit:[/b] - [2015/03/16 12:59:28 | 008,095,456 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\STCServ\STCServ.exe -- (STCServ) SRV:[b]64bit:[/b] - [2015/01/05 19:48:02 | 003,039,536 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService) SRV:[b]64bit:[/b] - [2012/06/20 05:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2017/06/22 08:55:28 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2017/06/22 00:28:20 | 000,175,560 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2017/06/03 11:40:59 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2017/04/28 03:51:49 | 003,318,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2017/04/28 03:13:28 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2017/04/25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2017/03/09 02:16:10 | 000,300,128 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2017/03/04 09:16:20 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2016/12/09 10:21:10 | 000,038,272 | ---- | M] (TunnelBear) [Auto | Running] -- C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe -- (TunnelBearMaintenance) SRV - [2016/11/28 09:21:22 | 001,027,864 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0247931498549050mcinst.exe -- (0247931498549050mcinstcleanup) SRV - [2016/11/11 10:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2016/10/02 11:59:09 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2016/10/02 11:36:41 | 000,507,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2016/10/02 11:36:41 | 000,507,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2016/10/02 11:36:27 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc) SRV - [2016/10/02 11:36:23 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2016/01/08 11:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service) SRV - [2012/07/19 19:53:16 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012/07/19 19:53:10 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012/07/05 23:23:34 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2012/07/05 23:23:18 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012/04/13 20:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011/11/22 00:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2011/11/22 00:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2017/06/03 13:16:14 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2017/06/03 12:50:15 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2017/06/03 12:15:20 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2017/05/13 02:18:05 | 000,158,880 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm) DRV:[b]64bit:[/b] - [2017/05/10 13:46:41 | 000,569,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2017/05/10 13:46:41 | 000,339,696 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2017/05/10 13:46:41 | 000,128,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2017/05/10 13:46:41 | 000,075,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2017/05/10 13:46:41 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:[b]64bit:[/b] - [2017/05/10 13:46:40 | 000,101,152 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2017/05/10 13:46:10 | 001,007,160 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2017/05/10 13:46:10 | 000,032,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b]64bit:[/b] - [2017/05/10 13:46:03 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog) DRV:[b]64bit:[/b] - [2017/05/10 13:46:03 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver) DRV:[b]64bit:[/b] - [2017/05/10 13:46:03 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh) DRV:[b]64bit:[/b] - [2017/05/10 13:46:03 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv) DRV:[b]64bit:[/b] - [2017/04/28 03:55:36 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus) DRV:[b]64bit:[/b] - [2017/04/28 03:38:51 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2017/04/28 03:00:23 | 000,249,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2017/03/28 08:36:52 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2017/03/09 10:18:58 | 000,128,024 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (AsusTP) DRV:[b]64bit:[/b] - [2017/03/09 02:16:06 | 005,382,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2017/03/04 10:24:27 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2017/03/04 10:15:25 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2017/03/04 10:08:59 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2017/03/04 09:34:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:[b]64bit:[/b] - [2017/03/04 09:27:56 | 000,719,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:[b]64bit:[/b] - [2016/12/09 13:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2016/11/11 13:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2016/11/02 13:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate) DRV:[b]64bit:[/b] - [2016/10/17 08:18:22 | 000,038,656 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap-tb-0901.sys -- (tap-tb-0901) DRV:[b]64bit:[/b] - [2016/10/15 06:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2016/10/05 13:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i) DRV:[b]64bit:[/b] - [2016/10/02 11:59:18 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice) DRV:[b]64bit:[/b] - [2016/10/02 11:59:15 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs) DRV:[b]64bit:[/b] - [2016/10/02 11:59:08 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2016/10/02 11:59:08 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2016/10/02 11:59:08 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2016/10/02 11:59:08 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:[b]64bit:[/b] - [2016/10/02 11:36:40 | 000,175,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC) DRV:[b]64bit:[/b] - [2016/10/02 11:35:20 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2016/09/10 16:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:[b]64bit:[/b] - [2016/08/03 15:19:54 | 000,083,312 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe) DRV:[b]64bit:[/b] - [2016/07/17 01:16:53 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2016/07/17 01:16:37 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2016/07/16 14:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2016/07/16 14:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2016/07/16 14:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2016/07/16 14:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2016/07/16 14:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2016/07/16 14:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2016/07/16 14:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2016/07/16 14:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr) DRV:[b]64bit:[/b] - [2016/07/16 14:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:[b]64bit:[/b] - [2016/07/16 14:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:[b]64bit:[/b] - [2016/07/16 14:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2016/07/16 14:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2016/07/16 14:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:[b]64bit:[/b] - [2016/07/16 14:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:[b]64bit:[/b] - [2016/07/16 14:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2016/07/16 14:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:[b]64bit:[/b] - [2016/07/16 14:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg) DRV:[b]64bit:[/b] - [2016/07/16 14:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs) DRV:[b]64bit:[/b] - [2016/07/16 14:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:[b]64bit:[/b] - [2016/07/16 14:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2016/07/16 14:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx) DRV:[b]64bit:[/b] - [2016/07/16 14:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:[b]64bit:[/b] - [2016/07/16 14:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt) DRV:[b]64bit:[/b] - [2016/07/16 14:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:[b]64bit:[/b] - [2016/07/16 14:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:[b]64bit:[/b] - [2016/07/16 14:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2016/07/16 14:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2016/07/16 14:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn) DRV:[b]64bit:[/b] - [2016/07/16 14:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2016/07/16 14:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2016/07/16 14:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2016/07/16 14:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 004,233,728 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2016/07/16 14:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid) DRV:[b]64bit:[/b] - [2016/05/24 18:34:35 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2016/04/25 00:35:58 | 000,221,824 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2016/04/25 00:35:52 | 000,129,152 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2016/04/21 14:24:28 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ptun0901.sys -- (ptun0901) DRV:[b]64bit:[/b] - [2015/08/27 03:50:44 | 000,036,496 | ---- | M] (Qualcomm Atheros) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2015/08/20 02:53:56 | 000,027,872 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch) DRV:[b]64bit:[/b] - [2015/07/10 16:35:26 | 000,193,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2015/07/08 09:27:46 | 000,321,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR) DRV:[b]64bit:[/b] - [2015/06/29 11:22:38 | 000,609,992 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2012/04/28 20:06:42 | 000,111,232 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2012/04/28 20:06:18 | 000,341,120 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2010/08/03 16:25:30 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas) DRV - [2016/07/16 14:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV - [2011/09/07 19:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009/07/03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n11099-242&apn_uid=3507030243044633&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n11099-242&apn_uid=3507030243044633&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {ABB43980-7DD2-445E-A7CF-2B02441727BB} IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.mystart.com/results.php?gen=ms&pr=vmn&id=zgametb&v=2_0&ent=ch_6252&q={searchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n11099-242&apn_uid=3507030243044633&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\..\SearchScopes\{ABB43980-7DD2-445E-A7CF-2B02441727BB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={37DFFF81-AD0E-11E2-8393-DC85DE3F897E}&UPN2=92546983817052821&&st=23&did=10963&ptr=100 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "IL" FF - prefs.js..browser.search.redirectWindowsSearch: false FF - prefs.js..browser.search.region: "IL" FF - prefs.js..browser.startup.homepage: "http://news.fr.msn.com/m6-actualite/default.aspx" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:54.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\TorchVLC: C:\Users\Asus\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Asus\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Asus\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2017/06/22 00:27:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 54.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 54.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2017/06/22 00:27:41 | 000,000,000 | ---D | M] [2016/09/15 11:47:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions [2016/09/15 11:47:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions\net.openvpn.client [2017/05/10 14:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\b7qkieit.default\browser-extension-data [2017/05/10 14:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\b7qkieit.default\browser-extension-data\wrc@avast.com [2017/05/31 18:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\b7qkieit.default\extensions [2017/05/31 18:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\b7qkieit.default\extensions\trash [2017/05/31 18:17:19 | 000,352,827 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\b7qkieit.default\extensions\sp@avast.com.xpi [2017/05/31 18:17:20 | 000,694,121 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\b7qkieit.default\extensions\wrc@avast.com.xpi [2017/05/10 13:46:11 | 000,692,271 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\b7qkieit.default\extensions\trash\wrc@avast.com.xpi [2017/06/24 18:13:32 | 000,009,974 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\b7qkieit.default\features\{752845f9-4020-428a-9ba0-37fb998a09c3}\followonsearch@mozilla.com.xpi [2017/06/24 18:13:32 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\b7qkieit.default\features\{752845f9-4020-428a-9ba0-37fb998a09c3}\shield-recipe-client@mozilla.org.xpi [2016/05/28 19:38:58 | 000,002,161 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\b7qkieit.default\searchplugins\MyStart Search.xml [2017/06/22 00:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2016/07/19 19:47:12 | 000,043,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.242_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\8.0.0.9098_1\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ O1 HOSTS File: ([2017/05/20 19:14:14 | 000,000,828 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (True Key Helper) - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll (Intel Security) O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll File not found O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (True Key Helper) - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll (Intel Security) O3 - HKLM\..\Toolbar: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\athbttray.exe" File not found O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\btvstack.exe" File not found O4:[b]64bit:[/b] - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IntelConnectCenter] C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe (Intel® Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" File not found O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe (ASUS Cloud Corporation) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [ZGame Anti-Phishing Domain] C:\ProgramData\ZGame Anti-Phishing Domain\zgame_antiphishing.exe (blekko) O4 - HKCU..\Run: [Dropbox Update] C:\Users\Asus\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) O4 - HKCU..\Run: [OneDrive] C:\Users\Asus\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKCU..\Run: [PCLink] c:\program files (x86)\asus\pc link\pclink.exe (ASUSTek Computer Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: &ÙÙæÕÐ ÐÜ Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: é&Ü× ÐÜ OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: &ÙÙæÕÐ ÐÜ Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: é&Ü× ÐÜ OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 File not found O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Key error. File not found O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.179.52.100 80.179.55.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6210e844-2f0e-4c10-ad70-13c11340d0a9}: DhcpNameServer = 172.18.13.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6590f4b8-4781-443c-99a5-21a435623b6e}: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d3c75c68-9de2-426b-8733-df1975377494}: DhcpNameServer = 80.179.52.100 80.179.55.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f8028431-9573-42b8-81e4-342c96637f02}: DhcpNameServer = 82.102.139.20 82.102.139.10 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:[b]64bit:[/b] - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\bpsvc.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\browsersafeguard.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\protectedsearch.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\searchprotection.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\snapdo.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\stinst32.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27:[b]64bit:[/b] - HKLM IFEO\stinst64.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\snapdo.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\stinst32.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\stinst64.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - File not found O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{002da897-7d91-11e6-b388-10bf48953b7c}\Shell - "" = AutoRun O33 - MountPoints2\{002da897-7d91-11e6-b388-10bf48953b7c}\Shell\AutoRun\command - "" = "E:\Setup.exe" O33 - MountPoints2\{550c6087-e7b2-11e6-b39b-dc85de3f897e}\Shell - "" = AutoRun O33 - MountPoints2\{550c6087-e7b2-11e6-b39b-dc85de3f897e}\Shell\AutoRun\command - "" = "E:\Setup.exe" O33 - MountPoints2\{997f97a2-2ec6-11e7-b3a4-dc85de3f897e}\Shell - "" = AutoRun O33 - MountPoints2\{997f97a2-2ec6-11e7-b3a4-dc85de3f897e}\Shell\AutoRun\command - "" = "E:\Setup.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] DcpSvc - C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] RetailDemo - C:\Windows\SysNative\RDXService.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] iai2c.sys - C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation) SafeBootMin:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] TBS - Service SafeBootMin:[b]64bit:[/b] TileDataModelSvc - C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation) SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation) SafeBootMin: System Bus Extender - Driver Group SafeBootMin: TBS - Service SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware SafeBootNet:[b]64bit:[/b] Ahcache.sys - C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] CoreMessagingRegistrar - C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver SafeBootNet:[b]64bit:[/b] SpbCx.sys - C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] StateRepository - C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] TBS - Service SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] TileDataModelSvc - C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] uefi.sys - C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: CoreMessagingRegistrar - C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdpencdd.sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: SmartcardSimulator - Driver SafeBootNet: StateRepository - C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation) SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TBS - Service SafeBootNet: TDI - Driver Group SafeBootNet: VirtualSmartcardReader - Driver SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: {F2E7DD72-6468-4E36-B6F1-6488F42C1B52} - Firmware ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall ActiveX:[b]64bit:[/b] {31699572-6286-3C1C-A03C-511D59181038} - .NET Framework ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {71A5A636-652F-3BE0-BC14-02545E9F5EC7} - .NET Framework ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2017/06/27 20:39:54 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2017/06/26 18:11:05 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\ÔÛèÕÙÕê ÜÓêÙÙÝ - éÜÙé Òß âÓß - ÔÕÓâÕê_fichiers [2017/06/23 11:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp [2017/06/23 02:42:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\UpdateAssistantV2 [2017/06/23 00:27:09 | 000,545,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe [2017/06/23 00:27:09 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll [2017/06/23 00:27:09 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll [2017/06/23 00:27:09 | 000,315,744 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll [2017/06/23 00:27:08 | 000,780,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe [2017/06/23 00:27:08 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExSMime.dll [2017/06/23 00:27:07 | 002,997,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys [2017/06/23 00:27:07 | 001,412,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll [2017/06/23 00:27:07 | 000,037,376 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll [2017/06/23 00:27:05 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.BlockedShutdown.dll [2017/06/23 00:27:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll [2017/06/23 00:27:03 | 005,686,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll [2017/06/23 00:27:03 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll [2017/06/23 00:27:02 | 002,643,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll [2017/06/23 00:27:02 | 001,221,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll [2017/06/23 00:27:01 | 001,021,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll [2017/06/23 00:27:01 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll [2017/06/23 00:27:01 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll [2017/06/23 00:27:01 | 000,607,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll [2017/06/23 00:27:00 | 000,381,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS [2017/06/23 00:27:00 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll [2017/06/23 00:27:00 | 000,279,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2017/06/23 00:27:00 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppointmentActivation.dll [2017/06/23 00:27:00 | 000,111,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll [2017/06/23 00:27:00 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll [2017/06/23 00:26:59 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe [2017/06/23 00:26:59 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hnetcfg.dll [2017/06/23 00:26:59 | 000,187,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2017/06/23 00:26:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys [2017/06/23 00:26:58 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcorehc.dll [2017/06/23 00:26:58 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edputil.dll [2017/06/23 00:26:58 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcpipcfg.dll [2017/06/23 00:26:58 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBrokerUI.dll [2017/06/23 00:26:57 | 002,538,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll [2017/06/23 00:26:57 | 000,857,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe [2017/06/23 00:26:57 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2017/06/23 00:26:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll [2017/06/23 00:26:56 | 003,403,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll [2017/06/23 00:26:56 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll [2017/06/23 00:26:53 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll [2017/06/23 00:26:53 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll [2017/06/23 00:26:52 | 000,038,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OOBEUpdater.exe [2017/06/23 00:26:51 | 000,857,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll [2017/06/23 00:26:49 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2017/06/23 00:26:49 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2017/06/23 00:26:44 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll [2017/06/23 00:26:44 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll [2017/06/23 00:26:44 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe [2017/06/23 00:26:44 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpninprc.dll [2017/06/23 00:26:43 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll [2017/06/23 00:26:43 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe [2017/06/23 00:26:42 | 000,148,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll [2017/06/23 00:26:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll [2017/06/23 00:26:31 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcorehc.dll [2017/06/23 00:26:29 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2017/06/23 00:26:28 | 018,364,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2017/06/23 00:26:26 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll [2017/06/23 00:26:26 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll [2017/06/23 00:26:24 | 006,042,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2017/06/23 00:26:23 | 004,744,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2017/06/23 00:26:23 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll [2017/06/23 00:26:22 | 008,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2017/06/23 00:26:20 | 001,513,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2017/06/23 00:26:20 | 000,402,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2017/06/23 00:26:18 | 007,783,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2017/06/23 00:26:16 | 002,475,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll [2017/06/23 00:26:15 | 022,569,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2017/06/23 00:26:10 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.BlockedShutdown.dll [2017/06/23 00:26:09 | 001,121,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll [2017/06/23 00:26:09 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkBindingEngineMigPlugin.dll [2017/06/23 00:26:08 | 001,112,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll [2017/06/23 00:26:08 | 000,975,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe [2017/06/23 00:26:08 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll [2017/06/23 00:26:08 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll [2017/06/23 00:26:07 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hnetcfg.dll [2017/06/23 00:26:02 | 000,628,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe [2017/06/23 00:26:02 | 000,379,232 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll [2017/06/23 00:26:01 | 001,566,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll [2017/06/23 00:26:01 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll [2017/06/23 00:26:00 | 003,615,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2017/06/23 00:26:00 | 001,600,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2017/06/23 00:25:59 | 001,490,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2017/06/23 00:25:57 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll [2017/06/23 00:25:56 | 007,217,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll [2017/06/23 00:25:54 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll [2017/06/23 00:25:53 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll [2017/06/23 00:25:51 | 001,100,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2017/06/23 00:25:51 | 000,989,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2017/06/23 00:25:50 | 000,233,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll [2017/06/23 00:25:49 | 001,564,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll [2017/06/23 00:25:49 | 001,214,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll [2017/06/23 00:25:49 | 000,334,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll [2017/06/23 00:25:48 | 000,455,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe [2017/06/23 00:25:47 | 000,629,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll [2017/06/23 00:25:47 | 000,544,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll [2017/06/23 00:25:47 | 000,096,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe [2017/06/23 00:25:46 | 000,489,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll [2017/06/23 00:25:46 | 000,335,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll [2017/06/23 00:25:46 | 000,192,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll [2017/06/23 00:25:46 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll [2017/06/23 00:25:45 | 000,136,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll [2017/06/23 00:25:45 | 000,045,056 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll [2017/06/23 00:25:44 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe [2017/06/23 00:25:44 | 000,509,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2017/06/23 00:25:44 | 000,034,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe [2017/06/23 00:25:43 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll [2017/06/23 00:25:43 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ImplatSetup.dll [2017/06/23 00:25:43 | 000,128,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys [2017/06/23 00:25:42 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBrokerUI.dll [2017/06/23 00:25:41 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HNetCfgClient.dll [2017/06/23 00:25:41 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edputil.dll [2017/06/23 00:25:41 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdProxy.dll [2017/06/22 00:27:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [3 C:\Users\Asus\Desktop\*.tmp files -> C:\Users\Asus\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2017/06/28 01:00:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2017/06/27 21:53:43 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2017/06/27 10:36:35 | 000,000,387 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\sp_data.sys [2017/06/27 10:36:05 | 3129,835,520 | -HS- | M] () -- C:\hiberfil.sys [2017/06/26 18:11:08 | 000,388,723 | ---- | M] () -- C:\Users\Asus\Desktop\ÔÛèÕÙÕê ÜÓêÙÙÝ - éÜÙé Òß âÓß - ÔÕÓâÕê.htm [2017/06/26 12:31:46 | 003,410,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2017/06/26 12:31:46 | 000,969,374 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00D.dat [2017/06/26 12:31:46 | 000,968,014 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2017/06/26 12:31:46 | 000,670,686 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat [2017/06/26 12:31:46 | 000,306,292 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2017/06/26 12:31:46 | 000,238,544 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00D.dat [2017/06/26 12:31:46 | 000,229,820 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat [2017/06/24 21:23:53 | 000,038,386 | ---- | M] () -- C:\Users\Asus\Desktop\KAMI.jpg [2017/06/24 17:51:41 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2017/06/23 11:11:27 | 000,384,864 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2017/06/23 11:11:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2017/06/07 17:46:55 | 000,073,917 | ---- | M] () -- C:\Users\Asus\Desktop\mos du coin.jpg [2017/06/07 01:47:26 | 000,061,304 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\lpsport.sys [2017/06/06 00:41:42 | 000,323,704 | ---- | M] () -- C:\Users\Asus\Desktop\nuit blanche a ta.jpg [2017/06/06 00:32:21 | 000,042,696 | ---- | M] () -- C:\Users\Asus\Desktop\w n.jpg [2017/06/03 13:50:15 | 000,192,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll [2017/06/03 13:50:04 | 000,315,744 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll [2017/06/03 13:16:14 | 000,279,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2017/06/03 13:14:28 | 000,379,232 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll [2017/06/03 13:14:27 | 001,564,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll [2017/06/03 13:14:27 | 001,214,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll [2017/06/03 13:14:27 | 000,629,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll [2017/06/03 13:14:26 | 000,544,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll [2017/06/03 13:14:26 | 000,334,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll [2017/06/03 13:14:26 | 000,233,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll [2017/06/03 13:14:26 | 000,136,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll [2017/06/03 13:14:26 | 000,096,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe [2017/06/03 13:14:25 | 000,136,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ImplatSetup.dll [2017/06/03 13:14:23 | 000,335,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll [2017/06/03 13:14:20 | 000,034,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe [2017/06/03 13:11:25 | 000,128,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys [2017/06/03 13:09:08 | 002,213,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2017/06/03 13:08:10 | 007,783,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2017/06/03 13:06:40 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2017/06/03 13:01:49 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll [2017/06/03 12:59:51 | 000,764,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll [2017/06/03 12:55:19 | 000,780,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe [2017/06/03 12:54:24 | 000,187,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2017/06/03 12:52:57 | 001,021,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll [2017/06/03 12:52:38 | 000,111,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll [2017/06/03 12:52:31 | 000,607,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll [2017/06/03 12:51:02 | 000,402,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2017/06/03 12:50:35 | 000,857,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe [2017/06/03 12:50:15 | 000,381,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS [2017/06/03 12:49:27 | 000,509,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2017/06/03 12:48:48 | 001,100,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2017/06/03 12:48:44 | 001,112,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll [2017/06/03 12:48:39 | 000,989,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2017/06/03 12:48:28 | 000,857,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll [2017/06/03 12:48:26 | 000,148,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll [2017/06/03 12:44:54 | 001,412,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll [2017/06/03 12:44:50 | 000,545,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe [2017/06/03 12:44:34 | 001,600,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2017/06/03 12:40:36 | 001,566,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll [2017/06/03 12:40:33 | 000,628,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe [2017/06/03 12:39:09 | 000,455,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe [2017/06/03 12:39:04 | 005,686,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll [2017/06/03 12:33:14 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll [2017/06/03 12:31:50 | 000,037,376 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll [2017/06/03 12:31:14 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExSMime.dll [2017/06/03 12:28:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edputil.dll [2017/06/03 12:28:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.BlockedShutdown.dll [2017/06/03 12:26:16 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll [2017/06/03 12:26:00 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBrokerUI.dll [2017/06/03 12:23:57 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll [2017/06/03 12:22:56 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll [2017/06/03 12:22:53 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcpipcfg.dll [2017/06/03 12:22:36 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcorehc.dll [2017/06/03 12:22:29 | 007,217,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll [2017/06/03 12:19:49 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe [2017/06/03 12:18:28 | 022,569,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2017/06/03 12:16:30 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll [2017/06/03 12:16:27 | 000,709,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll [2017/06/03 12:15:41 | 018,364,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2017/06/03 12:15:38 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll [2017/06/03 12:15:21 | 000,886,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll [2017/06/03 12:15:20 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys [2017/06/03 12:14:44 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll [2017/06/03 12:14:35 | 000,045,056 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll [2017/06/03 12:14:18 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe [2017/06/03 12:14:01 | 000,238,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe [2017/06/03 12:11:56 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll [2017/06/03 12:10:54 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBrokerUI.dll [2017/06/03 12:10:51 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edputil.dll [2017/06/03 12:10:06 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.BlockedShutdown.dll [2017/06/03 12:09:57 | 000,489,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll [2017/06/03 12:09:50 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkBindingEngineMigPlugin.dll [2017/06/03 12:09:13 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcorehc.dll [2017/06/03 12:08:28 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll [2017/06/03 12:08:27 | 000,691,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll [2017/06/03 12:08:25 | 001,221,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll [2017/06/03 12:08:24 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll [2017/06/03 12:08:23 | 002,643,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll [2017/06/03 12:07:55 | 000,552,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2017/06/03 12:07:32 | 000,456,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll [2017/06/03 12:07:14 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HNetCfgClient.dll [2017/06/03 12:06:11 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll [2017/06/03 12:05:25 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hnetcfg.dll [2017/06/03 12:04:36 | 006,042,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2017/06/03 12:03:09 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll [2017/06/03 12:02:30 | 002,997,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys [2017/06/03 12:01:46 | 000,856,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll [2017/06/03 11:58:35 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdProxy.dll [2017/06/03 11:54:44 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll [2017/06/03 11:53:40 | 008,125,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2017/06/03 11:52:30 | 002,510,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll [2017/06/03 11:52:29 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe [2017/06/03 11:52:28 | 003,403,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll [2017/06/03 11:52:24 | 000,886,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll [2017/06/03 11:51:56 | 001,418,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe [2017/06/03 11:51:36 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll [2017/06/03 11:50:57 | 004,744,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2017/06/03 11:50:43 | 002,538,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll [2017/06/03 11:49:34 | 001,513,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2017/06/03 11:49:25 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hnetcfg.dll [2017/06/03 11:49:09 | 003,615,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2017/06/03 11:49:05 | 002,475,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll [2017/06/03 11:48:59 | 001,131,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2017/06/03 11:48:49 | 001,490,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2017/06/03 11:48:47 | 000,834,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll [2017/06/03 11:48:34 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll [2017/06/03 11:46:42 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll [2017/06/03 11:40:59 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll [2017/06/03 09:36:03 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2017/06/03 09:36:03 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2017/06/01 15:09:34 | 000,247,063 | ---- | M] () -- C:\Users\Asus\Desktop\àÐÕÔ.jpeg [2017/05/30 14:13:53 | 000,254,880 | ---- | M] () -- C:\Users\Asus\Desktop\×Ò éÞ× ÜÛÕÜÝ ÐÑÙ.jpg [2017/05/29 17:26:05 | 000,090,816 | ---- | M] () -- C:\Users\Asus\Desktop\1juin.jpg [3 C:\Users\Asus\Desktop\*.tmp files -> C:\Users\Asus\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2017/06/28 01:00:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2017/06/26 18:11:05 | 000,388,723 | ---- | C] () -- C:\Users\Asus\Desktop\ÔÛèÕÙÕê ÜÓêÙÙÝ - éÜÙé Òß âÓß - ÔÕÓâÕê.htm [2017/06/24 21:23:52 | 000,038,386 | ---- | C] () -- C:\Users\Asus\Desktop\KAMI.jpg [2017/06/23 00:27:08 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2017/06/23 00:26:16 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll [2017/06/07 17:46:55 | 000,073,917 | ---- | C] () -- C:\Users\Asus\Desktop\mos du coin.jpg [2017/06/07 01:47:26 | 000,061,304 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\lpsport.sys [2017/06/06 00:32:20 | 000,042,696 | ---- | C] () -- C:\Users\Asus\Desktop\w n.jpg [2017/06/01 15:09:34 | 000,247,063 | ---- | C] () -- C:\Users\Asus\Desktop\àÐÕÔ.jpeg [2017/05/31 18:08:46 | 000,001,244 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk [2017/05/30 14:13:10 | 000,254,880 | ---- | C] () -- C:\Users\Asus\Desktop\×Ò éÞ× ÜÛÕÜÝ ÐÑÙ.jpg [2017/05/29 17:26:04 | 000,090,816 | ---- | C] () -- C:\Users\Asus\Desktop\1juin.jpg [2017/05/10 12:30:07 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll [2017/03/16 17:52:33 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll [2017/03/09 02:16:06 | 000,099,464 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2016/10/02 11:22:26 | 001,545,048 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2016/10/02 11:18:59 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2016/10/02 11:14:49 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2016/07/16 14:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2016/07/16 14:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2016/07/16 14:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2016/07/16 14:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2016/07/16 14:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2016/07/16 14:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll [2016/07/16 14:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2016/07/16 14:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2016/07/16 14:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2016/07/03 14:06:33 | 000,000,021 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\my_intel.sys [2016/02/29 19:28:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\CommonDL.dll [2016/02/29 19:28:24 | 000,002,760 | ---- | C] () -- C:\WINDOWS\SysWow64\lgAxconfig.ini [2016/02/25 22:27:31 | 000,000,017 | ---- | C] () -- C:\Users\Asus\AppData\Local\resmon.resmoncfg [2016/02/24 15:11:33 | 000,000,387 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\sp_data.sys [2015/08/13 01:51:13 | 000,000,000 | ---- | C] () -- C:\Users\Asus\AppData\Local\{AF6184A1-56C8-45E7-9F78-A6E3FEF1AF9F} [2015/07/07 19:55:21 | 000,000,000 | ---- | C] () -- C:\Users\Asus\AppData\Local\{87DC2B45-29C5-4317-BC94-8F40F853992E} [2015/06/11 01:45:41 | 000,000,000 | ---- | C] () -- C:\Users\Asus\AppData\Local\{1E74E489-E5D4-4872-84E8-7055587CDDED} [2015/05/31 17:10:44 | 000,000,000 | ---- | C] () -- C:\Users\Asus\AppData\Local\{AC276CAA-9FCE-4C08-BC95-55C7FB6B2CD0} [2014/10/26 21:08:04 | 000,000,000 | ---- | C] () -- C:\Users\Asus\AppData\Local\{2243C743-4E5B-4110-B4E1-D127E736C9E0} [2014/09/05 15:54:51 | 000,000,000 | ---- | C] () -- C:\Users\Asus\AppData\Local\{E4DAA857-396D-4D65-AD71-B07847414EAE} [2013/02/03 10:47:53 | 000,012,800 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/28 01:44:29 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2017/04/28 03:40:18 | 007,220,184 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2017/04/28 03:46:03 | 005,722,320 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 14:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 14:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 14:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2017/05/06 18:54:00 | 000,000,425 | ---- | M] () -- C:\AVScanner.ini [2009/07/14 04:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2015/10/30 10:18:34 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2009/07/29 09:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2016/12/11 19:14:13 | 000,000,000 | ---- | M] () -- C:\END [2017/06/27 10:36:05 | 3129,835,520 | -HS- | M] () -- C:\hiberfil.sys [2012/06/28 00:25:00 | 026,225,814 | ---- | M] () -- C:\inject.log.txt.bak [2017/06/23 11:11:17 | 4294,967,295 | -HS- | M] () -- C:\pagefile.sys [2017/06/28 01:00:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2017/06/23 11:11:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2012/08/20 16:50:18 | 006,293,504 | -H-- | M] () -- C:\X301A.BIN [2012/08/20 16:50:38 | 006,293,504 | -H-- | M] () -- C:\X301A1.BIN [2012/08/20 16:30:48 | 006,293,504 | -H-- | M] () -- C:\X401A.BIN [2012/08/20 16:48:18 | 006,293,504 | -H-- | M] () -- C:\X401A1.BIN [2012/08/20 15:47:06 | 006,293,504 | -H-- | M] () -- C:\X501A.BIN [2012/08/20 15:52:30 | 006,293,504 | -H-- | M] () -- C:\X501A1.BIN [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2016/07/16 14:45:35 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2012/06/28 01:28:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe [2017/04/13 23:59:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS [2016/07/25 13:37:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVS4YOU [2016/12/14 23:29:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bluetooth Suite [2016/06/02 01:03:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Booking.com [2016/08/11 12:46:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Candleworks [2017/04/20 20:57:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files [2012/09/17 05:35:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink [2016/05/27 14:42:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FlyVPN [2016/01/17 15:39:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google [2016/07/25 13:49:25 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information [2016/02/24 17:27:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel [2017/03/19 04:53:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer [2016/07/25 14:28:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LG Electronics [2016/07/25 14:17:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MarkAny [2017/06/27 10:37:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee [2016/01/17 16:53:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft [2016/02/25 19:56:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services [2016/02/25 19:59:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office [2017/06/23 11:11:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight [2016/02/25 20:00:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server [2012/06/28 01:39:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2016/10/02 11:27:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET [2017/06/23 11:11:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox [2017/06/23 11:11:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service [2016/10/02 11:36:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild [2016/12/21 15:46:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache [2016/04/06 17:08:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MyFree Codec [2016/09/15 13:25:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenVPN Technologies [2016/03/05 22:16:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoFiltre 7 [2016/10/31 21:40:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars.FR [2012/09/17 05:11:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation [2016/01/17 17:17:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime [2012/09/17 05:07:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek [2016/10/02 11:36:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies [2016/07/25 13:49:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung [2016/02/25 22:40:14 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype [2013/04/24 21:39:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SweetIM [2013/04/24 21:39:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\sweetpacks bundle uninstaller [2012/09/17 05:07:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp [2017/05/21 02:54:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TunnelBear [2009/07/14 07:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information [2013/04/24 21:41:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN [2016/02/25 19:14:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VS Revo Group [2013/05/21 21:48:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Webteh [2017/05/10 17:45:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender [2012/06/28 01:41:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live [2017/03/19 04:53:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail [2016/10/29 19:10:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player [2016/07/16 14:47:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform [2016/07/16 14:47:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT [2017/05/10 17:45:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer [2016/07/16 14:47:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices [2016/10/02 11:27:54 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar [2016/07/16 14:47:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WindowsPowerShell [color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color] [2016/07/16 15:20:08 | 000,079,852 | ---- | M] () MD5=5C51EA48CF70DF395BCF71070A37A4BF -- C:\Windows\WinSxS\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.14393.0_none_b997fe31a71d079b\appmgmts.dll [2016/07/16 14:54:28 | 000,085,172 | ---- | M] () MD5=A4E77C5E8BAD978C86E5F1EA63B92EB6 -- C:\Windows\WinSxS\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_10.0.14393.0_none_af4353df72bc45a0\appmgmts.dll [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2016/07/16 14:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) MD5=A10F989A812B57B9695F6C305907C9C6 -- C:\WINDOWS\SysNative\drivers\atapi.sys [2016/07/16 14:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) MD5=A10F989A812B57B9695F6C305907C9C6 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_2e8db38129bb3260\atapi.sys [2016/07/16 14:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) MD5=A10F989A812B57B9695F6C305907C9C6 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.14393.953_none_170361fcbf7e14a8\atapi.sys [2017/04/01 19:48:11 | 000,000,012 | ---- | M] () MD5=D7E77A67DB9E24D7DB964C88AE694C71 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.14393.0_none_0aac9395383c7303\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2016/07/16 14:43:50 | 000,968,704 | ---- | M] (Microsoft Corporation) MD5=4066535B4A326CFCD98850096468D0F0 -- C:\WINDOWS\SysNative\autochk.exe [2016/07/16 14:43:50 | 000,968,704 | ---- | M] (Microsoft Corporation) MD5=4066535B4A326CFCD98850096468D0F0 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.14393.0_none_0f6858c4d873c756\autochk.exe [2016/07/16 14:43:52 | 000,886,784 | ---- | M] (Microsoft Corporation) MD5=814B8F7C56B2AE547E82A90B451A0EED -- C:\Windows\SysWOW64\autochk.exe [2016/07/16 14:43:52 | 000,886,784 | ---- | M] (Microsoft Corporation) MD5=814B8F7C56B2AE547E82A90B451A0EED -- C:\Windows\WinSxS\wow64_microsoft-windows-autochk_31bf3856ad364e35_10.0.14393.0_none_19bd03170cd48951\autochk.exe [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2016/07/16 14:42:17 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=0A508274355745EEF01C6BE3198D02C4 -- C:\WINDOWS\SysNative\drivers\beep.sys [2016/07/16 14:42:17 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=0A508274355745EEF01C6BE3198D02C4 -- C:\Windows\WinSxS\amd64_microsoft-windows-beepsys_31bf3856ad364e35_10.0.14393.0_none_f1950cce1e4fecc2\beep.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2017/05/11 15:59:33 | 000,347,063 | ---- | M] () MD5=31EF6A06D79613926945E4A1786067EE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.0_none_7f29128d906f1326\explorer.exe [2017/05/11 16:22:16 | 000,280,012 | ---- | M] () MD5=3BF9E7164529EF8827B2F9066F0ACE42 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.0_none_897dbcdfc4cfd521\explorer.exe [2017/04/28 03:34:21 | 004,674,360 | ---- | M] (Microsoft Corporation) MD5=679D17F8CDB938C7100D7A647953677E -- C:\Windows\explorer.exe [2017/04/28 03:34:21 | 004,674,360 | ---- | M] (Microsoft Corporation) MD5=679D17F8CDB938C7100D7A647953677E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.1198_none_c779cf77d4492ac1\explorer.exe [2017/04/28 03:39:22 | 004,312,248 | ---- | M] (Microsoft Corporation) MD5=6E46F7CBC16009E381015C69F4FA22B1 -- C:\Windows\SysWOW64\explorer.exe [2017/04/28 03:39:22 | 004,312,248 | ---- | M] (Microsoft Corporation) MD5=6E46F7CBC16009E381015C69F4FA22B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.1198_none_d1ce79ca08a9ecbc\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2016/07/16 14:42:46 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=BE6A279ED7023652DD94FA19E9B27882 -- C:\Windows\SysWOW64\hidserv.dll [2016/07/16 14:42:46 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=BE6A279ED7023652DD94FA19E9B27882 -- C:\Windows\WinSxS\wow64_microsoft-windows-hid-user_31bf3856ad364e35_10.0.14393.0_none_0e755e3ad2820e99\hidserv.dll [2016/07/16 14:42:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=C900FE0DD6A1E2220084B8F1C427790C -- C:\WINDOWS\SysNative\hidserv.dll [2016/07/16 14:42:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=C900FE0DD6A1E2220084B8F1C427790C -- C:\Windows\WinSxS\amd64_microsoft-windows-hid-user_31bf3856ad364e35_10.0.14393.0_none_0420b3e89e214c9e\hidserv.dll [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2016/07/16 14:41:53 | 000,412,000 | ---- | M] (Intel Corporation) MD5=8350FE3BCDE3428BC040877BB7E9EAEB -- C:\WINDOWS\SysNative\drivers\iaStorV.sys [2016/07/16 14:41:53 | 000,412,000 | ---- | M] (Intel Corporation) MD5=8350FE3BCDE3428BC040877BB7E9EAEB -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys [2016/07/16 14:41:53 | 000,412,000 | ---- | M] (Intel Corporation) MD5=8350FE3BCDE3428BC040877BB7E9EAEB -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_10.0.14393.0_none_dc85bdf39e7a9ef6\iaStorV.sys [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2016/07/16 14:42:49 | 000,144,632 | ---- | M] (Microsoft Corporation) MD5=203F58BA41B48A59D6A047E0233DB422 -- C:\Windows\SysWOW64\imm32.dll [2016/07/16 14:42:49 | 000,144,632 | ---- | M] (Microsoft Corporation) MD5=203F58BA41B48A59D6A047E0233DB422 -- C:\Windows\WinSxS\wow64_microsoft-windows-imm32_31bf3856ad364e35_10.0.14393.0_none_941f33e3c57e6364\imm32.dll [2016/07/16 14:42:23 | 000,175,672 | ---- | M] (Microsoft Corporation) MD5=E1024CF2E35DD3467F52BC83F7FEDA3F -- C:\WINDOWS\SysNative\imm32.dll [2016/07/16 14:42:23 | 000,175,672 | ---- | M] (Microsoft Corporation) MD5=E1024CF2E35DD3467F52BC83F7FEDA3F -- C:\Windows\WinSxS\amd64_microsoft-windows-imm32_31bf3856ad364e35_10.0.14393.0_none_89ca8991911da169\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2017/05/11 16:02:44 | 000,022,533 | ---- | M] () MD5=37FD8C5C46CB759A0D9A45D349E00908 -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.14393.0_none_c13250bc6cfe2d15\kernel32.dll [2017/04/28 03:49:43 | 000,700,936 | ---- | M] (Microsoft Corporation) MD5=951FF70440427DA334B6579D71A19480 -- C:\WINDOWS\SysNative\kernel32.dll [2017/04/28 03:49:43 | 000,700,936 | ---- | M] (Microsoft Corporation) MD5=951FF70440427DA334B6579D71A19480 -- C:\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.14393.1198_none_09830da6b0d844b0\kernel32.dll [2017/05/11 16:26:27 | 000,018,420 | ---- | M] () MD5=9E45B8D456504CF82C2DF096216D5213 -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.14393.0_none_cb86fb0ea15eef10\kernel32.dll [2017/04/28 03:53:36 | 000,616,048 | ---- | M] (Microsoft Corporation) MD5=C84D75BD0ACF2C963F5006876BE6BA7C -- C:\Windows\SysWOW64\kernel32.dll [2017/04/28 03:53:36 | 000,616,048 | ---- | M] (Microsoft Corporation) MD5=C84D75BD0ACF2C963F5006876BE6BA7C -- C:\Windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.14393.1198_none_13d7b7f8e53906ab\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2016/07/16 14:42:27 | 000,357,216 | ---- | M] (Microsoft Corporation) MD5=10A6561536EC8ECC53BE5EABC40177A1 -- C:\WINDOWS\SysNative\mswsock.dll [2016/07/16 14:42:27 | 000,357,216 | ---- | M] (Microsoft Corporation) MD5=10A6561536EC8ECC53BE5EABC40177A1 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.14393.0_none_e5c7c28143fe62f5\mswsock.dll [2016/07/16 14:42:55 | 000,306,016 | ---- | M] (Microsoft Corporation) MD5=8E6958813B6FAAFF8A6EE9F2A7040299 -- C:\Windows\SysWOW64\mswsock.dll [2016/07/16 14:42:55 | 000,306,016 | ---- | M] (Microsoft Corporation) MD5=8E6958813B6FAAFF8A6EE9F2A7040299 -- C:\Windows\WinSxS\wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.14393.0_none_f01c6cd3785f24f0\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2017/06/03 12:59:40 | 001,181,024 | ---- | M] (Microsoft Corporation) MD5=A530D0C58A657BCD1629816B887661CB -- C:\WINDOWS\SysNative\drivers\ndis.sys [2017/06/03 12:59:40 | 001,181,024 | ---- | M] (Microsoft Corporation) MD5=A530D0C58A657BCD1629816B887661CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.14393.1358_none_cf01059a82ac9a45\ndis.sys [2017/06/23 15:35:17 | 000,083,609 | ---- | M] () MD5=FC6DEA61CA661D694BE9E0CDF4B84B21 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.14393.0_none_86c9e9b03ebeb024\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2016/07/16 14:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=38315FF91B99DCA9468827D8DB22D08B -- C:\WINDOWS\SysNative\netlogon.dll [2016/07/16 14:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=38315FF91B99DCA9468827D8DB22D08B -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.14393.0_none_2b2c22be4eac8cbe\netlogon.dll [2016/07/16 14:42:55 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=C4A39409D825D4808832C7B9243FC9B7 -- C:\Windows\SysWOW64\netlogon.dll [2016/07/16 14:42:55 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=C4A39409D825D4808832C7B9243FC9B7 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.14393.0_none_3580cd10830d4eb9\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2017/04/28 03:52:51 | 002,255,712 | ---- | M] (Microsoft Corporation) MD5=8DB6A6B731CEC9046CD8CA0267EC5679 -- C:\WINDOWS\SysNative\drivers\ntfs.sys [2017/04/28 03:52:51 | 002,255,712 | ---- | M] (Microsoft Corporation) MD5=8DB6A6B731CEC9046CD8CA0267EC5679 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.14393.1198_none_1c36522277785595\ntfs.sys [2017/05/11 16:05:25 | 000,198,578 | ---- | M] () MD5=96E5D5852484670D532EBB28D56AB72D -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_10.0.14393.0_none_d3e59538339e3dfa\ntfs.sys [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2016/07/16 14:41:53 | 000,166,240 | ---- | M] (NVIDIA Corporation) MD5=23B702B555EB0436B9DAA0BC63DA65CE -- C:\WINDOWS\SysNative\drivers\nvstor.sys [2016/07/16 14:41:53 | 000,166,240 | ---- | M] (NVIDIA Corporation) MD5=23B702B555EB0436B9DAA0BC63DA65CE -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_aba0759e741b93b4\nvstor.sys [2016/07/16 14:41:53 | 000,166,240 | ---- | M] (NVIDIA Corporation) MD5=23B702B555EB0436B9DAA0BC63DA65CE -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.14393.1198_none_af9feb8d198b6069\nvstor.sys [2017/05/11 16:16:01 | 000,000,012 | ---- | M] () MD5=C59F4BFD7E811C0185CF3A2B1AF9E245 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.14393.0_none_674f2ea2d5b148ce\nvstor.sys [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2016/07/16 14:42:19 | 000,034,304 | ---- | M] (Microsoft Corporation) MD5=802CD1CDD76235BEEFA5406F0A5773A6 -- C:\WINDOWS\SysNative\proquota.exe [2016/07/16 14:42:19 | 000,034,304 | ---- | M] (Microsoft Corporation) MD5=802CD1CDD76235BEEFA5406F0A5773A6 -- C:\Windows\WinSxS\amd64_microsoft-windows-proquota_31bf3856ad364e35_10.0.14393.0_none_553b6352a917cc50\proquota.exe [2016/07/16 14:42:48 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A7A8990035457CE44E9565363A872784 -- C:\Windows\SysWOW64\proquota.exe [2016/07/16 14:42:48 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A7A8990035457CE44E9565363A872784 -- C:\Windows\WinSxS\x86_microsoft-windows-proquota_31bf3856ad364e35_10.0.14393.0_none_f91cc7cef0ba5b1a\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2016/10/29 20:20:44 | 000,148,713 | ---- | M] () MD5=19327CF1F137DB6F1D840181975A263E -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.14393.0_none_53b94852a189821f\qmgr.dll [2016/10/15 06:48:52 | 001,054,208 | ---- | M] (Microsoft Corporation) MD5=D876C567AB767258036F05E4766189FD -- C:\WINDOWS\SysNative\qmgr.dll [2016/10/15 06:48:52 | 001,054,208 | ---- | M] (Microsoft Corporation) MD5=D876C567AB767258036F05E4766189FD -- C:\Windows\WinSxS\amd64_microsoft-windows-bits-client-core_31bf3856ad364e35_10.0.14393.351_none_600e0ac228cd022c\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2016/07/16 14:42:32 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=7ED53A9C37AE7ADE2A72A1C2EE86879B -- C:\WINDOWS\SysNative\scecli.dll [2016/07/16 14:42:32 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=7ED53A9C37AE7ADE2A72A1C2EE86879B -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.14393.0_none_65824dd6efce1379\scecli.dll [2016/07/16 14:43:01 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=C8AEECE11B63D90D4FFE43CFDF1A04A8 -- C:\Windows\SysWOW64\scecli.dll [2016/07/16 14:43:01 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=C8AEECE11B63D90D4FFE43CFDF1A04A8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.14393.0_none_6fd6f829242ed574\scecli.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2017/03/04 09:08:30 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1DFE222F8D6A422B7ADC909E0C8840DA -- C:\WINDOWS\SysNative\spoolsv.exe [2017/03/04 09:08:30 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1DFE222F8D6A422B7ADC909E0C8840DA -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.14393.953_none_1016dd045f7d0b22\spoolsv.exe [2017/04/01 19:36:04 | 000,071,893 | ---- | M] () MD5=F39CD1B956ACD195A594D51ACBC76A1A -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_10.0.14393.0_none_03c00e9cd83b697d\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2016/07/16 14:42:55 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=1F8434DD4907C832E6E90D6298EAB85B -- C:\Windows\SysWOW64\svchost.exe [2016/07/16 14:42:55 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=1F8434DD4907C832E6E90D6298EAB85B -- C:\Windows\WinSxS\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.14393.0_none_ed846f6e50612447\svchost.exe [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) MD5=36F670D89040709013F6A460176767EC -- C:\WINDOWS\SysNative\svchost.exe [2016/07/16 14:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) MD5=36F670D89040709013F6A460176767EC -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.14393.0_none_e32fc51c1c00624c\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2017/05/11 16:10:00 | 000,000,012 | ---- | M] () MD5=C59F4BFD7E811C0185CF3A2B1AF9E245 -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.14393.0_none_bc13ad436af6bbc9\termsrv.dll [2016/07/16 14:42:34 | 000,987,648 | ---- | M] (Microsoft Corporation) MD5=FB68E5F02316C42BE7282DA492351C6F -- C:\WINDOWS\SysNative\termsrv.dll [2016/07/16 14:42:34 | 000,987,648 | ---- | M] (Microsoft Corporation) MD5=FB68E5F02316C42BE7282DA492351C6F -- C:\Windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.14393.1198_none_04646a2daed0d364\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2016/07/16 14:42:27 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=C1B1FFC800BE2F31EB2CF8CB40629C69 -- C:\WINDOWS\SysNative\userinit.exe [2016/07/16 14:42:27 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=C1B1FFC800BE2F31EB2CF8CB40629C69 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_10.0.14393.0_none_099d2590e8629c72\userinit.exe [2016/07/16 14:42:55 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=FA900E6CCCF0A429D5B720C6F0E2274B -- C:\Windows\SysWOW64\userinit.exe [2016/07/16 14:42:55 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=FA900E6CCCF0A429D5B720C6F0E2274B -- C:\Windows\WinSxS\wow64_microsoft-windows-userinit_31bf3856ad364e35_10.0.14393.0_none_13f1cfe31cc35e6d\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2016/07/16 14:42:35 | 000,391,520 | ---- | M] (Microsoft Corporation) MD5=BF2546583BB75F01DDA60A7921DFB230 -- C:\WINDOWS\SysNative\drivers\volsnap.sys [2016/07/16 14:42:35 | 000,391,520 | ---- | M] (Microsoft Corporation) MD5=BF2546583BB75F01DDA60A7921DFB230 -- C:\Windows\WinSxS\amd64_microsoft-windows-volsnap_31bf3856ad364e35_10.0.14393.0_none_8c9e6103b822e42e\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2017/04/28 02:54:26 | 002,483,200 | ---- | M] (Microsoft Corporation) MD5=51DD03D515DAAC9113B4D350D63C5229 -- C:\Windows\SysWOW64\wininet.dll [2017/04/28 02:54:26 | 002,483,200 | ---- | M] (Microsoft Corporation) MD5=51DD03D515DAAC9113B4D350D63C5229 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.14393.1198_none_5f4794526d76f49b\wininet.dll [2017/05/11 16:37:38 | 000,343,789 | ---- | M] () MD5=AF47C6B7BEE0EDF843F31AC51E0CCFE4 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.14393.0_none_07303e4d6b0222ee\wininet.dll [2017/04/28 02:37:12 | 002,895,872 | ---- | M] (Microsoft Corporation) MD5=B9727FA7889DD6FCE4F7C27F8879A7F4 -- C:\WINDOWS\SysNative\wininet.dll [2017/04/28 02:37:12 | 002,895,872 | ---- | M] (Microsoft Corporation) MD5=B9727FA7889DD6FCE4F7C27F8879A7F4 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.14393.1198_none_bb662fd625d465d1\wininet.dll [2017/05/11 16:00:52 | 000,402,024 | ---- | M] () MD5=FF91BB3A695FA0760DE795D0F8E6D3DE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.0.14393.0_none_634ed9d1235f9424\wininet.dll [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2016/07/16 14:42:27 | 000,304,240 | ---- | M] (Microsoft Corporation) MD5=99A19C9A74E2F9820E501DCE77F84F70 -- C:\WINDOWS\SysNative\wininit.exe [2016/07/16 14:42:27 | 000,304,240 | ---- | M] (Microsoft Corporation) MD5=99A19C9A74E2F9820E501DCE77F84F70 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.14393.0_none_5e67244a1b034b09\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2017/05/11 16:12:52 | 000,059,386 | ---- | M] () MD5=489FD9DB6E017DAB5C1A4B0CB2F71125 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.0_none_9d376c91eba4205c\winlogon.exe [2017/05/11 16:12:52 | 000,059,386 | ---- | M] () MD5=489FD9DB6E017DAB5C1A4B0CB2F71125 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.0_none_9d376c91eba4205c\winlogon.exe [2017/04/28 02:39:18 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=B2151FE002A8D3F41E2DF935F260E3A8 -- C:\WINDOWS\SysNative\winlogon.exe [2017/04/28 02:39:18 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=B2151FE002A8D3F41E2DF935F260E3A8 -- C:\WINDOWS\SysNative\winlogon.exe [2017/04/28 02:39:18 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=B2151FE002A8D3F41E2DF935F260E3A8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.1198_none_e588297c2f7e37f7\winlogon.exe [2017/04/28 02:39:18 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=B2151FE002A8D3F41E2DF935F260E3A8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.1198_none_e588297c2f7e37f7\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2016/10/02 12:00:02 | 000,424,640 | ---- | M] (Microsoft Corporation) MD5=19DBA20EA39E641B940156DF8D2E96E2 -- C:\WINDOWS\SysNative\ws2_32.dll [2016/10/02 12:00:02 | 000,424,640 | ---- | M] (Microsoft Corporation) MD5=19DBA20EA39E641B940156DF8D2E96E2 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.14393.206_none_2cbbedd56c1f200f\ws2_32.dll [2016/10/02 11:59:50 | 000,402,352 | ---- | M] (Microsoft Corporation) MD5=7A262815259F912431813FEF6C2F8E0B -- C:\Windows\SysWOW64\ws2_32.dll [2016/10/02 11:59:50 | 000,402,352 | ---- | M] (Microsoft Corporation) MD5=7A262815259F912431813FEF6C2F8E0B -- C:\Windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.14393.206_none_37109827a07fe20a\ws2_32.dll [2016/10/09 14:59:51 | 000,034,868 | ---- | M] () MD5=9019DF66FDD0111F943383ECB3744A5C -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.14393.0_none_202c1c3de508aa2b\ws2_32.dll [2016/10/10 14:37:17 | 000,038,600 | ---- | M] () MD5=C7602F8CD440B284FF22F38ED9B9407B -- C:\Windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.14393.0_none_2a80c69019696c26\ws2_32.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr entControlSet\Control\Session Manager\SubSystems /s >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\* .sav >[/color] [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2016/03/04 16:36:18 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-18\desktop.ini [2012/10/12 15:20:09 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-20\desktop.ini [2012/12/19 19:05:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$I00YY1S.jpg [2012/12/19 19:05:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$I1J5UYV.jpg [2012/12/19 19:05:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$I6J9WWZ.jpg [2012/10/11 13:50:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$I8QD9YU [2012/12/19 19:05:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$IA9JV6W.jpg [2015/09/06 13:40:25 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$IMRHX12 [2016/07/19 22:34:56 | 000,000,132 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$IP1UGEL.lnk [2012/12/19 19:05:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$IQWKP1F.jpg [2012/12/19 19:05:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$IY4K4NC.jpg [2012/10/03 21:41:06 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\desktop.ini [2015/01/29 01:02:06 | 000,000,146 | -H-- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\desktop.ini [2015/01/29 01:02:06 | 000,000,146 | -H-- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\ÛÜÜÙ - ÜÔÓäáÔ\desktop.ini [2015/01/21 15:05:37 | 000,127,080 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\ÛÜÜÙ - ÜÔÓäáÔ\Óã ÞâçÑ éÙâÕèÙ êÜÞÙÓ - ÜÔÓäÙá ÜÛÜ êÜÞÙÓ.pdf [2015/01/21 15:05:48 | 000,125,443 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\ÛÜÜÙ - ÜÔÓäáÔ\ÜÙÞÕÓ ÞÙÜÙÝ ×ÓéÕê - ÜÔÓäÙá ÜÛÜ êÜÞÙÓ.pdf [2015/03/19 11:01:13 | 000,000,146 | -H-- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\àâÝ ×ÓÓ\desktop.ini [2015/03/19 11:01:13 | 000,000,146 | -H-- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\àâÝ ×ÓÓ\ÞêÞØÙçÔ\desktop.ini [2015/03/19 11:01:14 | 000,000,146 | -H-- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\àâÝ ×ÓÓ\ÞêÞØÙçÔ\×ÙÑÕè Õ×ÙáÕè\desktop.ini [2015/03/09 10:51:59 | 000,355,337 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\àâÝ ×ÓÓ\ÞêÞØÙçÔ\×ÙÑÕè Õ×ÙáÕè\×ÙáÕè ÑÞÐÕàÚ - êèÒÕÜ ÕÔáÑè.pdf [2015/02/11 11:50:44 | 000,000,146 | -H-- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\éÙ ØÙÞáÙØ\desktop.ini [2015/03/09 10:34:16 | 000,427,588 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\éÙ ØÙÞáÙØ\ÔÑàê ÔàçèÐ - èÞÔ 1 - 01 - ÜÞÔ ÐÙß ×Õäé Ñ×Õäé ÔÒÓÕÜ.pdf [2015/02/23 10:38:32 | 000,410,903 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\éÙ ØÙÞáÙØ\ÔÑàê ÔàçèÐ - èÞÔ 1 - 03 - ÔÛÜÑ ØàÒÕ.pdf [2015/02/23 10:38:35 | 000,274,576 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\éÙ ØÙÞáÙØ\ÔÑàê ÔàçèÐ - èÞÔ 2 - 01 - áÕäèÞß.pdf [2015/02/10 13:43:09 | 000,192,598 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\éÙ ØÙÞáÙØ\áÙäÕè 1- Ð¸× Ò¼¸ÓÕ¹Ü Ð¸×Õ¹ê ç°Ø·à¼¸Ô.pdf [2015/02/09 23:26:35 | 000,197,439 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\éÙ ØÙÞáÙØ\áÙäÕè 2- Ü°Ò·Ó¼µÜ Û¼¶Ü¶Ñ.pdf [2015/02/23 10:38:39 | 000,317,491 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1000\$RMRHX12\éÙ ØÙÞáÙØ\æÙèÕã áÞÙÛÕê - Óã âÑÕÓÔ.pdf [2016/03/01 12:33:36 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-1003\desktop.ini [2012/09/17 04:58:15 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-148872227-2903956755-3046146252-500\desktop.ini [color=#E56717]========== Files - Unicode (All) ==========[/color] [2017/03/31 21:21:32 | 003,132,760 | ---- | M] ()(C:\Users\Asus\Desktop\Esther Galil - Le Jour Se L?ve 1971.mp3) -- C:\Users\Asus\Desktop\Esther Galil - Le Jour Se Lève 1971.mp3 [2017/03/31 21:20:59 | 003,132,760 | ---- | C] ()(C:\Users\Asus\Desktop\Esther Galil - Le Jour Se L?ve 1971.mp3) -- C:\Users\Asus\Desktop\Esther Galil - Le Jour Se Lève 1971.mp3 [2017/01/02 04:13:24 | 000,000,251 | ---- | M] ()(C:\Users\Asus\Desktop\L enfer du devoir Saison 3 Streaming Streaming S?ries Gratuit - Part 8.URL) -- C:\Users\Asus\Desktop\L enfer du devoir Saison 3 Streaming Streaming Séries Gratuit - Part 8.URL [2017/01/02 04:13:24 | 000,000,251 | ---- | C] ()(C:\Users\Asus\Desktop\L enfer du devoir Saison 3 Streaming Streaming S?ries Gratuit - Part 8.URL) -- C:\Users\Asus\Desktop\L enfer du devoir Saison 3 Streaming Streaming Séries Gratuit - Part 8.URL [2016/02/29 13:01:27 | 000,000,000 | ---D | M](C:\Users\Asus\Documents\Mod?les Office personnalis?s) -- C:\Users\Asus\Documents\Modèles Office personnalisés [2016/02/29 13:01:27 | 000,000,000 | ---D | C](C:\Users\Asus\Documents\Mod?les Office personnalis?s) -- C:\Users\Asus\Documents\Modèles Office personnalisés [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:373E1720 @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:8AD1F2E0 < End of report >