OTL logfile created on: 01/09/2017 14:47:19 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Maintenance 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.15063.0) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 7,98 Gb Total Physical Memory | 5,64 Gb Available Physical Memory | 70,63% Memory free 9,23 Gb Paging File | 6,89 Gb Available in Paging File | 74,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 482,05 Gb Total Space | 443,00 Gb Free Space | 91,90% Space Free | Partition Type: NTFS Drive D: | 448,54 Gb Total Space | 250,39 Gb Free Space | 55,82% Space Free | Partition Type: NTFS Drive E: | 232,88 Gb Total Space | 185,64 Gb Free Space | 79,71% Space Free | Partition Type: NTFS Drive F: | 295,43 Gb Total Space | 159,66 Gb Free Space | 54,04% Space Free | Partition Type: NTFS Drive G: | 15,10 Gb Total Space | 14,54 Gb Free Space | 96,33% Space Free | Partition Type: FAT32 Drive H: | 149,05 Gb Total Space | 121,25 Gb Free Space | 81,35% Space Free | Partition Type: NTFS Drive J: | 170,33 Gb Total Space | 169,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS Drive N: | 149,05 Gb Total Space | 15,06 Gb Free Space | 10,10% Space Free | Partition Type: NTFS Computer Name: DESKTOP-JAF8GDM | User Name: senio | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - File not found PRC - C:\Maintenance\OTL RTépare PC.exe (OldTimer Tools) PRC - C:\Users\senio\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) PRC - C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (IObit) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit) PRC - C:\Program Files (x86)\Ant Download Manager\AntDM.exe (AntGROUP) PRC - C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Ant Download Manager\antMR.exe (AntGROUP) PRC - C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe () PRC - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit) PRC - C:\Program Files (x86)\Ditto\Ditto.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\ACD Systems\ACDSee\16.0\acdIDInTouch2.exe (ACD Systems) PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) PRC - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis) PRC - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis) PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe () [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Program Files\AVAST Software\Avast\AvChrome.dll () MOD - C:\Program Files\AVAST Software\Avast\tasks_core.dll () MOD - C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll () MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll () MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll () MOD - C:\Program Files\AVAST Software\Avast\libcef.dll () MOD - C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll () MOD - C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe () MOD - C:\Program Files (x86)\Ditto\Ditto.exe () MOD - C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll () MOD - C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl () MOD - C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl () MOD - C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl () MOD - C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll () MOD - C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll () MOD - C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll () MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe () MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll () [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:[b]64bit:[/b] - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software s.r.o.) SRV:[b]64bit:[/b] - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppVClient) -- C:\Windows\SysNative\AppVClient.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Sense) -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (UevAgentService) -- C:\Windows\SysNative\AgentService.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WpnUserService_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (UserDataSvc_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (UnistoreSvc_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (PimIndexMaintenanceSvc_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (OneSyncSvc_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (MessagingService_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (DevicesFlowUserSvc_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (CDPUserSvc_44fca) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (xbgm) -- C:\Windows\SysNative\xbgmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation) SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation) SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation) SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (HPSupportSolutionsFrameworkService) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc.) SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation) SRV - (AdvancedSystemCareService10) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit) SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation) SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (syncagentsrv) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswmonflt.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software s.r.o.) DRV:[b]64bit:[/b] - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software s.r.o.) DRV:[b]64bit:[/b] - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software s.r.o.) DRV:[b]64bit:[/b] - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software s.r.o.) DRV:[b]64bit:[/b] - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation) DRV:[b]64bit:[/b] - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis) DRV:[b]64bit:[/b] - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis International GmbH) DRV:[b]64bit:[/b] - (tib) -- C:\Windows\SysNative\drivers\tib.sys (Acronis International GmbH) DRV:[b]64bit:[/b] - (tib_mounter) -- C:\Windows\SysNative\drivers\tib_mounter.sys (Acronis) DRV:[b]64bit:[/b] - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis) DRV:[b]64bit:[/b] - (fltsrv) -- C:\Windows\SysNative\drivers\fltsrv.sys (Acronis International GmbH) DRV:[b]64bit:[/b] - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software) DRV:[b]64bit:[/b] - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation) DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (MsSecFlt) -- C:\Windows\SysNative\drivers\mssecflt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UevAgentDriver) -- C:\Windows\SysNative\drivers\UevAgentDriver.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (AppvVemgr) -- C:\Windows\SysNative\drivers\AppvVemgr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (AppvVfs) -- C:\Windows\SysNative\drivers\AppvVfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (AppvStrm) -- C:\Windows\SysNative\drivers\AppVStrm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation) DRV:[b]64bit:[/b] - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation) DRV:[b]64bit:[/b] - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation) DRV:[b]64bit:[/b] - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation) DRV:[b]64bit:[/b] - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek ) DRV:[b]64bit:[/b] - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (nvdimmn) -- C:\Windows\SysNative\drivers\nvdimmn.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys () DRV:[b]64bit:[/b] - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications) DRV:[b]64bit:[/b] - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra) DRV:[b]64bit:[/b] - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox) DRV:[b]64bit:[/b] - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox) DRV:[b]64bit:[/b] - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications) DRV:[b]64bit:[/b] - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation) DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:[b]64bit:[/b] - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation) DRV:[b]64bit:[/b] - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox) DRV:[b]64bit:[/b] - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI) DRV:[b]64bit:[/b] - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation) DRV:[b]64bit:[/b] - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox) DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:[b]64bit:[/b] - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:[b]64bit:[/b] - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies) DRV:[b]64bit:[/b] - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox) DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.) DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider) DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation) DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation) DRV:[b]64bit:[/b] - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation) DRV:[b]64bit:[/b] - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation) DRV:[b]64bit:[/b] - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WirelessKeyboardFilter) -- C:\Windows\SysNative\drivers\WirelessKeyboardFilter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ptun0901) -- C:\Windows\SysNative\drivers\ptun0901.sys (The OpenVPN Project) DRV:[b]64bit:[/b] - (ampa) -- C:\Windows\SysNative\ampa.sys () DRV:[b]64bit:[/b] - (ddmdrv) -- C:\Windows\SysNative\ddmdrv.sys () DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation) DRV - (ampa) -- C:\Windows\SysWOW64\ampa.sys () DRV - (ddmdrv) -- C:\Windows\SysWOW64\ddmdrv.sys () [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 33 00 00 00 59 AF 2A F2 D0 40 31 FE A1 CF 50 32 9D 06 4C F0 8E 19 16 0D 93 28 58 27 AC CE FD B9 30 C2 B0 E5 AF 3D 92 69 AF E1 70 6B 2D 68 43 A4 C7 52 9A 47 E4 D7 F9 02 00 00 00 10 00 00 00 35 41 31 58 6C 63 25 32 62 78 6A 33 67 25 33 64 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "FR" FF - prefs.js..browser.search.region: "FR" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:54.0.1 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2017/09/01 09:50:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 52.3.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 52.3.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\antff@antdownloadmanager.com: C:\Program Files (x86)\Ant Download Manager\antFF\antFF2.xpi [2017/04/16 14:30:18 | 000,383,922 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2017/09/01 09:50:08 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 52.3.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 52.3.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\antgroup@antdownloadmanager.com: C:\Program Files (x86)\Ant Download Manager\antFF\antFF.xpi [2016/12/19 09:19:24 | 000,027,148 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\antff.popup.helper@antdownloadmanager.com: C:\Program Files (x86)\Ant Download Manager\antFF\antff.popup.helper.xpi [2017/04/12 11:54:18 | 000,388,746 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Waterfox\Extensions\\antgroup@antdownloadmanager.com: C:\Program Files (x86)\Ant Download Manager\antFF\antFF.xpi [2016/12/19 09:19:24 | 000,027,148 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Waterfox\Extensions\\antff.popup.helper@antdownloadmanager.com: C:\Program Files (x86)\Ant Download Manager\antFF\antff.popup.helper.xpi [2017/04/12 11:54:18 | 000,388,746 | ---- | M] () [2017/06/06 18:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\Extensions [2017/07/24 18:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\Firefox\Profiles\elbe2yn0.default\browser-extension-data [2017/07/24 18:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\Firefox\Profiles\elbe2yn0.default\browser-extension-data\wrc@avast.com [2017/08/23 16:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\Firefox\Profiles\elbe2yn0.default\extensions [2017/07/18 11:37:39 | 000,352,827 | ---- | M] () (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\firefox\profiles\elbe2yn0.default\extensions\sp@avast.com.xpi [2017/07/18 11:37:43 | 000,694,121 | ---- | M] () (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\firefox\profiles\elbe2yn0.default\extensions\wrc@avast.com.xpi [2017/08/15 16:03:33 | 000,008,945 | ---- | M] () (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\firefox\profiles\elbe2yn0.default\features\{aee4fbdb-6444-4c10-80f1-7f78f2381ba5}\e10srollout@mozilla.org.xpi [2017/08/15 16:03:33 | 000,009,974 | ---- | M] () (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\firefox\profiles\elbe2yn0.default\features\{aee4fbdb-6444-4c10-80f1-7f78f2381ba5}\followonsearch@mozilla.com.xpi [2017/08/15 16:03:33 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\senio\AppData\Roaming\mozilla\firefox\profiles\elbe2yn0.default\features\{aee4fbdb-6444-4c10-80f1-7f78f2381ba5}\shield-recipe-client@mozilla.org.xpi [2017/07/24 18:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2017/08/08 01:22:48 | 000,184,512 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.6_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhembpgcpfegeigidembjopfhghnpj\1.2.0.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk\1.0.1.6_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\anakpfpojdnocblgejmienjaaggfgbdj\3.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\10.1.0.109_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjbmphpcgoelifjfgginkjholfpoioe\2.0.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blhjobkfabeopalncconblmakfcllmhk\0.6.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllpaelopnfgfampngdhgolbpfdkpdem\2.0.0.28_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdakbleigadgfigknbeifblafhimheeo\1.0_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.3_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiebajnnakcjkedcfamhdfgckcbnhke\2.0_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd\336_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dalgiebmfcjackkbjfbfmlnflbdfbekj\0.1.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbaidnecjbnadknkpdlhicbamnjlccfg\1.3_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.5.1.1209_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb\6.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeokebplgkeahnimfjeahkngagphpjdj\1.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehihmefpkkchenckklpjmfaaobbfacij\1.0.4_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik\1.1.2909_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.279_1\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj\0.8.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg\2.0_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh\1.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjlnlnbacohacebkadbbjebbipcknbg\0.41.6_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdppgbcgacjjojopfkddpaabaneghiaf\1.0.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmebaamjdfjkhaaifophgklodieiflm\1.0.0.3_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gknphemhpcknkhegndlihchfonpdcben\1.3_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi\2.7.0.238_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.263_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnldfbefeholndgjmnojdppfemhmlhi\2.0.1.28_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiochepkdogmgahcajfhjpheiaacingh\2017.4.27.26881_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmejdhkicbiigigkffmnlnibhgicdcfp\2.8.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.5_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihgciffpgieigdjkjfclmjcheafejgpa\2.0.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimkonbchdkndameinobgeadelbeaabj\2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\iolcbmjhmpdheggkocibajddahbeiglb\4.1.4_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\iolcbmjhmpdheggkocibajddahbeiglb\4.1.4_0\mix- CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpbfkbjcggfcdooobdfpacdabodogedh\1.0.0.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\knjmelihdopopenlgnhpoajjhckodccp\1.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\knlgfedckdhkgjinnhogmhkbcjpmmhko\1.0.12_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpgbkpddpcepnloiijojmgbdhihkjkl\7.3.2.4567_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpbhbohcdnlcediiopngchhnnofnhaec\2.0.1.28_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\loemldldacgegipolkcnnojkaehcigno\1.0_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne\1.1.5_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh\1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpibmjcgbgjdccdkpekfjbmccbbbeenm\1.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkpncleclnaihjlknbcpbjpanihohdh\1.0.0.4_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh\11.8_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhnleojaamgeebnacppalcedapclkpk\3.0.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\10.1707.21.1858_1\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdacedgjnjempjojkeglobekhdnljlp\0.0.0.2_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjccodhpniphbinlkkfjpffplmognkce\1.3_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\senio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6017.605.1.4_0\ O1 HOSTS File: ([2016/07/16 13:45:37 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Ant Download Manager BHO) - {8ABC6AE5-74BD-4c73-BB34-44526792D2AE} - C:\Program Files (x86)\Ant Download Manager\antIE\antIE64.dll (AntGROUP) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Ant Download Manager BHO) - {8ABC6AE5-74BD-4c73-BB34-44526792D2AE} - C:\Program Files (x86)\Ant Download Manager\antIE\antIE.dll (AntGROUP) O4:[b]64bit:[/b] - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:[b]64bit:[/b] - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe () O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis) O4 - HKLM..\Run: [ACSW16EN] C:\Program Files (x86)\ACD Systems\ACDSee\16.0\acdIDInTouch2.exe (ACD Systems) O4 - HKLM..\Run: [ACSW16FR] C:\Program Files (x86)\ACD Systems\ACDSee\16.0\acdIDInTouch2.exe (ACD Systems) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [Advanced SystemCare 10] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit) O4 - HKCU..\Run: [AntDM] C:\Program Files (x86)\Ant Download Manager\AntDM.exe (AntGROUP) O4 - HKCU..\Run: [antMR] C:\Program Files (x86)\Ant Download Manager\antMR.exe (AntGROUP) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKCU..\Run: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe () O4 - HKCU..\Run: [OneDrive] C:\Users\senio\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [SharewareOnSale Notifier] C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:[b]64bit:[/b] - Extra context menu item: AntDM Lien de téléchargement - C:\Program Files (x86)\Ant Download Manager\antIE\IEDownloadLink.html () O8:[b]64bit:[/b] - Extra context menu item: AntDM Tout téléchargé - C:\Program Files (x86)\Ant Download Manager\antIE\IEDownloadAll.html () O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: AntDM Lien de téléchargement - C:\Program Files (x86)\Ant Download Manager\antIE\IEDownloadLink.html () O8 - Extra context menu item: AntDM Tout téléchargé - C:\Program Files (x86)\Ant Download Manager\antIE\IEDownloadAll.html () O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f7d3b90c-d3df-41c3-818c-36fb3a623515}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2017/09/01 14:48:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2017/09/01 14:44:01 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Roaming\KC Softwares [2017/09/01 14:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KC Softwares [2017/09/01 14:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp [2017/08/31 18:23:37 | 000,000,000 | ---D | C] -- C:\Users\senio\Documents\VSO Media Player [2017/08/31 18:20:23 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\CrashDumps [2017/08/31 17:36:26 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Roaming\Ditto [2017/08/31 17:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditto [2017/08/31 17:36:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ditto [2017/08/31 16:02:35 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\Programs [2017/08/31 11:30:01 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Roaming\Identities [2017/08/31 11:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2017/08/31 11:26:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH [2017/08/31 09:45:51 | 000,000,000 | ---D | C] -- C:\PMAIL [2017/08/30 16:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock [2017/08/30 16:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock [2017/08/25 14:04:06 | 020,648,960 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe [2017/08/23 16:42:31 | 000,000,000 | ---D | C] -- C:\$Windows.~BT [2017/08/23 16:40:05 | 000,000,000 | -H-D | C] -- C:\$SysReset [2017/08/23 14:42:59 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\Recovery [2017/08/23 14:35:25 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\Diagnostics [2017/08/19 10:35:00 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\HitFilm Express 2017 Activation [2017/08/19 10:35:00 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\Crashpad [2017/08/19 10:34:58 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\FXHOME Helper [2017/08/19 10:34:58 | 000,000,000 | ---D | C] -- C:\Users\senio\Documents\FXHOME [2017/08/19 10:34:56 | 000,000,000 | ---D | C] -- C:\Users\senio\.QtWebEngineProcess [2017/08/19 10:34:56 | 000,000,000 | ---D | C] -- C:\Users\senio\.HitFilm Express 2017 [2017/08/19 10:34:55 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\FXHOME [2017/08/19 10:34:36 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll [2017/08/19 10:34:36 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll [2017/08/19 10:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitFilm Express 2017 [2017/08/19 10:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OFX [2017/08/19 10:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\FXHOME [2017/08/19 10:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\FXHOME [2017/08/19 10:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Boris FX, Inc [2017/08/19 10:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boris FX, Inc [2017/08/18 18:07:38 | 000,000,000 | -HSD | C] -- C:\found.001 [2017/08/17 16:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Tracker Software [2017/08/17 16:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer [2017/08/17 16:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software [2017/08/17 16:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2017/08/17 16:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2017/08/17 16:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy [2017/08/17 16:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy [2017/08/17 15:40:08 | 000,000,000 | ---D | C] -- C:\ProgramData\FlashIntegro [2017/08/17 15:39:38 | 000,000,000 | ---D | C] -- C:\Users\senio\Documents\FlashIntegro [2017/08/17 15:39:38 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Roaming\FlashIntegro [2017/08/17 15:39:38 | 000,000,000 | ---D | C] -- C:\Users\senio\AppData\Local\CrashRpt [2017/08/17 15:01:56 | 000,000,000 | ---D | C] -- C:\ESD [2017/08/17 15:01:08 | 000,000,000 | -H-D | C] -- C:\$Windows.~WS [2017/08/17 14:53:38 | 003,377,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll [2017/08/17 14:53:38 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll [2017/08/17 14:53:38 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe [2017/08/17 14:53:38 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BluetoothApis.dll [2017/08/17 14:53:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IpNatHlpClient.dll [2017/08/17 14:53:37 | 004,056,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2017/08/17 14:53:37 | 000,406,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll [2017/08/17 14:53:37 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe [2017/08/17 14:53:36 | 005,721,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll [2017/08/17 14:53:36 | 002,424,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll [2017/08/17 14:53:36 | 000,805,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll [2017/08/17 14:53:35 | 005,961,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll [2017/08/17 14:53:35 | 002,671,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll [2017/08/17 14:53:34 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll [2017/08/17 14:53:34 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll [2017/08/17 14:53:33 | 003,667,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll [2017/08/17 14:53:33 | 002,199,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll [2017/08/17 14:53:33 | 001,291,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll [2017/08/17 14:53:32 | 004,559,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll [2017/08/17 14:53:32 | 002,956,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys [2017/08/17 14:53:32 | 000,750,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe [2017/08/17 14:53:32 | 000,583,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll [2017/08/17 14:53:31 | 005,808,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2017/08/17 14:53:30 | 013,841,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2017/08/17 14:53:30 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll [2017/08/17 14:53:30 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll [2017/08/17 14:53:29 | 006,761,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll [2017/08/17 14:53:29 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll [2017/08/17 14:53:28 | 005,820,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll [2017/08/17 14:53:28 | 002,259,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2017/08/17 14:53:28 | 002,211,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll [2017/08/17 14:53:28 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll [2017/08/17 14:53:27 | 006,728,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2017/08/17 14:53:27 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll [2017/08/17 14:53:23 | 004,417,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll [2017/08/17 14:53:22 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrepl40.dll [2017/08/17 14:53:22 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd2x40.dll [2017/08/17 14:53:22 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjtes40.dll [2017/08/17 14:53:21 | 001,311,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll [2017/08/17 14:53:21 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll [2017/08/17 14:53:21 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll [2017/08/17 14:53:20 | 000,554,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS [2017/08/17 14:53:20 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll [2017/08/17 14:53:20 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxbde40.dll [2017/08/17 14:53:20 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspbde40.dll [2017/08/17 14:53:20 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll [2017/08/17 14:53:20 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstext40.dll [2017/08/17 14:53:20 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msltus40.dll [2017/08/17 14:53:19 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll [2017/08/17 14:53:19 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll [2017/08/17 14:53:18 | 004,213,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll [2017/08/17 14:53:18 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll [2017/08/17 14:53:17 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswdat10.dll [2017/08/17 14:53:17 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswstr10.dll [2017/08/17 14:53:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scksp.dll [2017/08/17 14:53:17 | 000,176,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll [2017/08/17 14:53:17 | 000,096,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmcmnutils.dll [2017/08/17 14:53:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjter40.dll [2017/08/17 14:53:16 | 000,892,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe [2017/08/17 14:53:16 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll [2017/08/17 14:53:16 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjint40.dll [2017/08/17 14:53:15 | 000,866,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll [2017/08/17 14:53:15 | 000,610,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll [2017/08/17 14:53:15 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll [2017/08/17 14:53:15 | 000,414,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll [2017/08/17 14:53:14 | 000,967,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll [2017/08/17 14:53:14 | 000,173,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsensorgroup.dll [2017/08/17 14:53:13 | 000,853,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe [2017/08/17 14:53:13 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll [2017/08/17 14:53:13 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll [2017/08/17 14:53:13 | 000,359,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll [2017/08/17 14:53:12 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GamePanel.exe [2017/08/17 14:53:12 | 000,877,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe [2017/08/17 14:53:12 | 000,280,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe [2017/08/17 14:53:12 | 000,168,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe [2017/08/17 14:53:12 | 000,133,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe [2017/08/17 14:53:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmintegrator.dll [2017/08/17 14:53:11 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll [2017/08/17 14:53:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmintegrator.dll [2017/08/17 14:53:10 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VCardParser.dll [2017/08/17 14:53:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdeploy.dll [2017/08/17 14:53:10 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll [2017/08/17 14:53:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys [2017/08/17 14:53:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sscore.dll [2017/08/17 14:53:10 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tokenbinding.dll [2017/08/17 14:53:09 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qasf.dll [2017/08/17 14:53:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsi.sys [2017/08/17 14:53:08 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastlsext.dll [2017/08/17 14:53:08 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE [2017/08/17 14:53:08 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spbcd.dll [2017/08/17 14:53:01 | 002,516,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll [2017/08/17 14:52:49 | 000,820,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe [2017/08/17 14:52:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe [2017/08/17 14:52:46 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe [2017/08/17 14:52:43 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll [2017/08/17 14:52:37 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VCardParser.dll [2017/08/17 14:52:36 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll [2017/08/17 14:52:36 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll [2017/08/17 14:52:35 | 020,504,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2017/08/17 14:52:32 | 002,604,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll [2017/08/17 14:52:32 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll [2017/08/17 14:52:31 | 006,557,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2017/08/17 14:52:31 | 004,535,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2017/08/17 14:52:30 | 002,399,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2017/08/17 14:52:29 | 008,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll [2017/08/17 14:52:29 | 004,730,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2017/08/17 14:52:29 | 002,939,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll [2017/08/17 14:52:28 | 023,677,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2017/08/17 14:52:28 | 006,269,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2017/08/17 14:52:28 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll [2017/08/17 14:52:27 | 008,209,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2017/08/17 14:52:17 | 000,529,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll [2017/08/17 14:52:17 | 000,387,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll [2017/08/17 14:52:17 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastlsext.dll [2017/08/17 14:52:17 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll [2017/08/17 14:52:16 | 000,382,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys [2017/08/17 14:52:16 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll [2017/08/17 14:52:15 | 005,557,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll [2017/08/17 14:52:15 | 004,396,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll [2017/08/17 14:52:14 | 001,325,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll [2017/08/17 14:52:14 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll [2017/08/17 14:52:14 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll [2017/08/17 14:52:14 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll [2017/08/17 14:52:13 | 008,319,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2017/08/17 14:52:13 | 002,969,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll [2017/08/17 14:52:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll [2017/08/17 14:52:12 | 007,326,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll [2017/08/17 14:52:09 | 000,654,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll [2017/08/17 14:52:09 | 000,212,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll [2017/08/17 14:52:08 | 005,302,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll [2017/08/17 14:52:08 | 001,833,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll [2017/08/17 14:52:07 | 001,033,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll [2017/08/17 14:52:07 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DmApiSetExtImplDesktop.dll [2017/08/17 14:52:06 | 000,723,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll [2017/08/17 14:52:06 | 000,527,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe [2017/08/17 14:52:06 | 000,455,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll [2017/08/17 14:52:06 | 000,410,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll [2017/08/17 14:52:06 | 000,182,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe [2017/08/17 14:52:06 | 000,100,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcd.dll [2017/08/17 14:52:05 | 000,699,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll [2017/08/17 14:52:05 | 000,660,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2017/08/17 14:52:05 | 000,315,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe [2017/08/17 14:52:05 | 000,143,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe [2017/08/17 14:52:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll [2017/08/17 14:52:05 | 000,116,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcd.dll [2017/08/17 14:52:05 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll [2017/08/17 14:52:04 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe [2017/08/17 14:52:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll [2017/08/17 14:52:03 | 007,907,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll [2017/08/17 14:52:02 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.BlueLightReduction.dll [2017/08/17 14:52:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyMATEnc.dll [2017/08/17 14:52:01 | 001,337,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll [2017/08/17 14:52:01 | 001,260,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe [2017/08/17 14:52:01 | 001,054,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll [2017/08/17 14:52:01 | 000,923,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll [2017/08/17 14:52:01 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyHrtfEnc.dll [2017/08/17 14:52:01 | 000,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll [2017/08/17 14:52:01 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Display.dll [2017/08/17 14:52:01 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\officecsp.dll [2017/08/17 14:52:00 | 001,305,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll [2017/08/17 14:51:59 | 003,204,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Bluetooth.Profiles.Gatt.dll [2017/08/17 14:51:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll [2017/08/17 14:51:58 | 007,336,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll [2017/08/17 14:51:58 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll [2017/08/17 14:51:57 | 017,366,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2017/08/17 14:51:54 | 001,068,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll [2017/08/17 14:51:54 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothApis.dll [2017/08/17 14:51:53 | 004,445,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2017/08/17 14:51:52 | 005,477,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll [2017/08/17 14:51:52 | 001,878,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll [2017/08/17 14:51:52 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll [2017/08/17 14:51:51 | 007,931,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2017/08/17 14:51:50 | 003,670,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2017/08/17 14:51:49 | 004,707,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll [2017/08/17 14:51:49 | 001,706,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll [2017/08/17 14:51:49 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll [2017/08/17 14:51:48 | 000,712,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys [2017/08/17 14:51:48 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll [2017/08/17 14:51:48 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe [2017/08/17 14:51:47 | 002,805,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2017/08/17 14:51:47 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll [2017/08/17 14:51:47 | 001,468,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll [2017/08/17 14:51:47 | 000,524,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll [2017/08/17 14:51:46 | 000,536,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll [2017/08/17 14:51:45 | 001,046,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll [2017/08/17 14:51:45 | 000,687,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll [2017/08/17 14:51:45 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll [2017/08/17 14:51:44 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll [2017/08/17 14:51:44 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll [2017/08/17 14:51:44 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll [2017/08/17 14:51:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll [2017/08/17 14:51:43 | 002,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2017/08/17 14:51:43 | 000,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll [2017/08/17 14:51:43 | 000,872,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll [2017/08/17 14:51:39 | 002,199,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll [2017/08/17 14:51:38 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe [2017/08/17 14:51:38 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdboot.exe [2017/08/17 14:51:36 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll [2017/08/17 14:51:36 | 001,269,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll [2017/08/17 14:51:36 | 000,961,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll [2017/08/17 14:51:36 | 000,473,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll [2017/08/17 14:51:36 | 000,119,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcmnutils.dll [2017/08/17 14:51:34 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll [2017/08/17 14:51:34 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll [2017/08/17 14:51:34 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll [2017/08/17 14:51:33 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2017/08/17 14:51:33 | 000,555,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll [2017/08/17 14:51:32 | 000,365,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll [2017/08/17 14:51:31 | 000,318,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe [2017/08/17 14:51:31 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scksp.dll [2017/08/17 14:51:31 | 000,204,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll [2017/08/17 14:51:30 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpasvc.dll [2017/08/17 14:51:30 | 001,275,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll [2017/08/17 14:51:30 | 001,015,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll [2017/08/17 14:51:30 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe [2017/08/17 14:51:30 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll [2017/08/17 14:51:29 | 001,114,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll [2017/08/17 14:51:29 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll [2017/08/17 14:51:28 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe [2017/08/17 14:51:28 | 000,926,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe [2017/08/17 14:51:28 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll [2017/08/17 14:51:28 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll [2017/08/17 14:51:28 | 000,192,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll [2017/08/17 14:51:28 | 000,104,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msacm32.dll [2017/08/17 14:51:28 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ofdeploy.exe [2017/08/17 14:51:27 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll [2017/08/17 14:51:27 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Flights.dll [2017/08/17 14:51:27 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdeploy.dll [2017/08/17 14:51:27 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll [2017/08/17 14:51:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll [2017/08/17 14:51:27 | 000,082,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys [2017/08/17 14:51:26 | 000,323,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shlwapi.dll [2017/08/17 14:51:25 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll [2017/08/17 14:51:25 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll [2017/08/17 14:51:25 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll [2017/08/17 14:51:25 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\configmanager2.dll [2017/08/17 14:51:25 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll [2017/08/17 14:51:25 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\coredpus.dll [2017/08/17 14:51:25 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys [2017/08/17 14:51:25 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscore.dll [2017/08/17 14:51:25 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tokenbinding.dll [2017/08/17 14:51:24 | 001,525,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe [2017/08/17 14:51:24 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll [2017/08/17 14:51:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE [2017/08/17 14:51:24 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qasf.dll [2017/08/17 14:51:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spbcd.dll [2017/08/17 14:51:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll [2017/08/17 14:51:24 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe [2017/08/17 14:51:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll [2017/08/17 14:51:23 | 001,722,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll [2017/08/17 14:51:23 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.UX.EapRequestHandler.dll [2017/08/17 14:51:23 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe [2017/08/17 14:51:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll [2017/08/17 14:51:23 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcsps.dll [2017/08/17 14:51:22 | 003,995,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbon.dll [2017/08/17 14:51:22 | 003,464,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbon.dll [2017/08/17 14:51:22 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll [2017/08/17 14:51:22 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IpNatHlpClient.dll [2017/08/17 14:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro [2017/08/17 14:50:05 | 000,071,480 | ---- | C] (Flash-Integro LLC) -- C:\WINDOWS\SysWow64\mslvddsfilter3.ax [2017/08/17 14:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FlashIntegro [2017/08/17 14:50:02 | 000,638,976 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\SysWow64\divx.dll [2017/08/17 14:50:02 | 000,438,272 | ---- | C] (On2.com) -- C:\WINDOWS\SysWow64\vp6vfw.dll [2017/08/17 14:50:02 | 000,413,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mpg4c32.dll [2017/08/17 14:50:02 | 000,261,632 | ---- | C] (MainConcept) -- C:\WINDOWS\SysWow64\mcdvd_32.dll [2017/08/17 14:50:02 | 000,221,215 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\SysWow64\divxdec.ax [2017/08/17 14:50:02 | 000,098,304 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\SysWow64\L3CODECX.AX [2017/08/17 14:50:02 | 000,082,944 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\SysWow64\vct3216.acm [2017/08/17 14:50:02 | 000,081,920 | ---- | C] (fccHandler) -- C:\WINDOWS\SysWow64\AC3ACM.acm [2017/08/17 14:50:02 | 000,038,912 | ---- | C] (NCT Company) -- C:\WINDOWS\SysWow64\alf2cd.acm [2017/08/17 14:50:02 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3a.dll [2017/08/17 14:50:02 | 000,013,239 | ---- | C] (SHARP Corporation) -- C:\WINDOWS\SysWow64\Scg726.acm [2017/08/17 14:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashIntegro [2017/08/15 16:01:10 | 000,400,464 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2017/09/01 14:43:47 | 000,001,289 | ---- | M] () -- C:\Users\senio\Desktop\DUMo.lnk [2017/09/01 14:39:41 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2017/09/01 14:37:38 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2017/09/01 14:37:37 | 3428,708,352 | -HS- | M] () -- C:\hiberfil.sys [2017/08/31 17:47:02 | 000,001,218 | ---- | M] () -- C:\Users\senio\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk [2017/08/31 15:54:19 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForsenio.job [2017/08/31 11:26:44 | 000,000,382 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2017/08/25 14:04:06 | 020,648,960 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe [2017/08/18 15:13:20 | 002,124,202 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2017/08/18 15:13:20 | 000,969,290 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat [2017/08/18 15:13:20 | 000,779,038 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2017/08/18 15:13:20 | 000,198,352 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat [2017/08/18 15:13:20 | 000,176,328 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2017/08/18 15:06:05 | 000,000,638 | ---- | M] () -- C:\WINDOWS\tasks\TrackerAutoUpdate.job [2017/08/18 15:05:59 | 000,404,912 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2017/08/17 15:40:08 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2017/08/17 15:40:08 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2017/08/15 16:01:49 | 001,015,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys [2017/08/15 16:01:49 | 000,146,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswmonflt.sys [2017/08/15 16:01:46 | 000,146,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswmonflt.sys.150280570856207 [2017/08/15 16:01:45 | 000,061,304 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\lpsport.sys [2017/08/15 16:01:04 | 000,400,464 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017/08/15 16:01:04 | 000,146,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswmonflt.sys.150280570693703 [2017/08/15 16:00:41 | 000,343,288 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys [2017/08/15 16:00:41 | 000,320,008 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys [2017/08/15 16:00:41 | 000,198,976 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys [2017/08/15 16:00:41 | 000,057,728 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys [1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2017/09/01 14:43:47 | 000,001,289 | ---- | C] () -- C:\Users\senio\Desktop\DUMo.lnk [2017/08/31 11:30:00 | 000,001,218 | ---- | C] () -- C:\Users\senio\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk [2017/08/31 11:26:44 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2017/08/17 16:18:22 | 000,000,638 | ---- | C] () -- C:\WINDOWS\tasks\TrackerAutoUpdate.job [2017/08/17 14:53:21 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2017/08/17 14:51:31 | 000,778,240 | ---- | C] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE [2017/08/17 14:50:02 | 000,524,288 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll [2017/08/17 14:50:02 | 000,245,760 | ---- | C] () -- C:\WINDOWS\SysWow64\lame.ax [2017/08/17 14:50:02 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\Lagarith.dll [2017/08/17 14:50:02 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx [2017/08/17 14:50:02 | 000,139,264 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll [2017/08/17 14:50:02 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\xvid.ax [2017/07/24 17:29:23 | 503,043,688 | ---- | C] () -- C:\Users\senio\AppData\Local\AcronisTrueImage2016_6595.exe [2017/07/09 11:37:13 | 000,000,295 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\vwifikerneldrv.sys [2017/07/09 11:37:13 | 000,000,295 | ---- | C] () -- C:\ProgramData\fontcacheev1.dat [2017/07/02 18:20:58 | 000,000,140 | ---- | C] () -- C:\WINDOWS\Reimage.ini [2017/07/02 17:31:06 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2017/07/02 15:08:50 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini [2017/06/08 12:40:12 | 000,059,904 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll [2017/05/04 11:33:27 | 503,005,056 | ---- | C] () -- C:\Users\senio\AppData\Local\AcronisTrueImage2016_6589.exe [2017/05/03 16:22:12 | 000,209,022 | ---- | C] () -- C:\WINDOWS\hpoins21.dat [2017/05/03 16:22:12 | 000,006,174 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat [2017/04/19 10:34:29 | 000,000,129 | ---- | C] () -- C:\Users\senio\AppData\Local\d96d84c22028be3ca609ad7b3c8c43ca [2017/04/17 15:14:19 | 001,293,240 | ---- | C] () -- C:\WINDOWS\ddmmain.exe [2017/04/17 15:14:19 | 000,012,728 | ---- | C] () -- C:\WINDOWS\SysWow64\ddmdrv.sys [2017/04/17 15:04:46 | 000,017,008 | ---- | C] () -- C:\WINDOWS\SysWow64\ampa.sys [2017/04/17 15:04:45 | 001,806,960 | ---- | C] () -- C:\WINDOWS\ampa.exe [2017/04/16 11:11:12 | 000,000,082 | ---- | C] () -- C:\WINDOWS\SysWow64\winsevr.dat [2017/04/16 10:07:41 | 000,000,129 | ---- | C] () -- C:\Users\senio\AppData\Local\7c39a43d106bc654c33bc9bd433afb5e [2017/03/18 23:03:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2017/03/18 23:03:41 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2017/03/18 22:58:56 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2017/03/18 22:58:54 | 000,116,824 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll [2017/03/18 22:58:54 | 000,112,128 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll [2017/03/18 22:58:54 | 000,086,528 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll [2017/03/18 22:58:52 | 003,200,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll [2017/03/18 22:58:51 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2017/03/18 22:58:48 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2017/03/18 22:58:39 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll [2017/03/18 22:58:37 | 001,859,072 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll [2017/03/18 22:57:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2017/03/18 22:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2017/07/28 07:16:51 | 007,326,128 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2017/07/28 06:40:18 | 005,820,984 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017/03/18 22:57:58 | 000,961,024 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2017/03/18 22:58:50 | 000,770,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017/03/18 22:57:53 | 000,510,464 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:FCCDF7B1 < End of report >